France’s data protection authority, the Commission nationale de l'informatique et des libertés, fined legal service provider Infogreffe 250,000 euros for violating the EU General Data Protection Regulation. An investigation found alleged violations of data retention requirements under Article 5(1)(e) of the GDPR and data security obligations under Article 32. The CNIL found 25% of Infogreffe users had their data held by the website beyond the stated 36-month period.

ADVERTISEMENT

Cassie IAPP Leaderboard - AI Checklist-041024-WP