The data protection authority of Baden-Württemberg administered the first fine in Germany for violations of the EU General Data Protection Regulation, according to a blog post from Hogan Lovells' Chronicle of Data Protection. The DPA fined an unnamed social media provider 20,000 euros after it suffered a data breach this past summer. The social media company informed affected users of the breach and the agency of its security failings. The DPA decided to penalize the company after the agency discovered it stored passwords in plain text, a violation of Article 32 of the GDPR. Meanwhile, the Dutch data protection authority has continued to conduct random audits of different organizations to assess their GDPR compliance efforts.
If you want to comment on this post, you need to login.