Spain's data protection authority, the Agencia Española de Protección de Datos, fined Google 10 million euros for EU General Data Protection Regulation violations. The AEPD found third-party data sharing by Google with legal database Lumen Project lacked an opt-out mechanism for data subjects. The shared data included personally identifiable data, email addresses and individuals' legal claims. The sanction also calls for Google to delete all the personal data shared with Lumen and halt further use of that data.
AEPD hands Google 10M euro GDPR fine
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act