Iceland’s data protection authority, Persónuvernd, fined the city of Reykjavík 5 million kronor over data processing under the Seesaw student system. The DPA said it considered that violations “concerned the personal data of children who enjoy special protection under the Data Protection Act and that it was considered likely that their sensitive personal data was entered as teacher feedback and information on students’ private affairs.” The DPA also noted insufficient authorization for the data processing and a “high risk” of data being transferred to the U.S.
11 July 2022
Iceland's DPA fines city for processing of children’s data
RELATED STORIES
What to know about the new Canadian government PIA standard
Notes from the IAPP Canada: 'The Debaters' battle it out over privacy
A view from DC: What does a second Trump presidency mean for privacy, AI governance?
A view from Brussels: Global Privacy Assembly explores the 'Power of i'
What the US election results may mean for digital policy
