The Polish data protection authority, the UODO, has issued a 20,000 PLN fine to a school for an EU General Data Protection Regulation violation. The school's violation is related to the biometric processing of fingerprints belonging to 680 students and its lack of a legal basis. Meanwhile, Malta's Office of the Information and Data Protection Commissioner fined the Lands Authority 5,000 euros for violating Article 32 of the GDPR. An investigation revealed the authority lacks proper technical and organizational measures to protect user data, which led to a breach. (Original article is in Polish.)
If you want to comment on this post, you need to login.