The Dutch data protection authority, the Autoriteit Persoonsgegevens, issued a 725,000 euro fine to a company for violations of the EU General Data Protection Regulation. The DPA found the unnamed company required its employees to scan their fingerprints for attendance. The agency determined this use of biometric information did not meet the exceptions laid out in the GDPR. IAPP Netherlands Country Leader Jeroen Terstegge, CIPP/E, CIPP/US, wrote on Twitter the fine was the highest ever administered by the DPA. (Original article is in Dutch.)
If you want to comment on this post, you need to login.