Spain's data protection authority, the Agencia Española de Protección de Datos, fined Google 10 million euros for EU General Data Protection Regulation violations. The AEPD found third-party data sharing by Google with legal database Lumen Project lacked an opt-out mechanism for data subjects. The shared data included personally identifiable data, email addresses and individuals' legal claims. The sanction also calls for Google to delete all the personal data shared with Lumen and halt further use of that data.
AEPD hands Google 10M euro GDPR fine
Related stories
Notes from the IAPP Canada: Privacy watchdogs — What the 2024–25 annual reports reveal
A view from DC: Competing Republican visions for tech policy in the 118th Congress
A view from Brussels: Addressing data retention discrepancies
Notes from the Asia-Pacific region: Privacy matters to customers, individuals, society
European Commission receives final version of General-Purpose AI Code of Practice
