The Netherlands' data protection authority, Autoriteit Persoonsgegevens, fined Belgium-based DPG Media 525,000 euros for EU General Data Protection Regulation violations. The DPA found the media company unnecessarily required proof of identity for individuals to exercise their rights to access or delete data the company held. The identity verification also violated GDPR data minimization requirements. DPG Media will appeal the decision.
24 Feb. 2022
Dutch DPA imposes 525,000 euro penalty
Related stories
Ireland's DPC details legitimate interest prong of its LinkedIn enforcement action
Notes from the IAPP Europe: Wrapping up November with the IAPP DPC
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments
US Senate subcommittee ponders accountability for AI-assisted scams
Tracking evolving policy paradigms in a hallmark year for AI governance
