A nonbinding opinion from Court of Justice of the European Union Advocate General Priit Pikamäe alleged the German State Data Protection and Freedom of Information Commissioner of Land Hessen did not impose corrective measures after a citizens' personal data was reviewed by a local savings bank employee without his consent. The Advocate General said the regulator was obligated to act and be "required to define the most appropriate corrective measure(s) to remedy the infringement" upon being notified of data mishandling.
11 April 2024
CJEU opinion alleges German state DPA did not act on consumer claim
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act
