The Netherlands' data protection authority, Autoriteit Persoonsgegevens, fined Belgium-based DPG Media 525,000 euros for EU General Data Protection Regulation violations. The DPA found the media company unnecessarily required proof of identity for individuals to exercise their rights to access or delete data the company held. The identity verification also violated GDPR data minimization requirements. DPG Media will appeal the decision.
If you want to comment on this post, you need to login.