France's data protection authority, the Commission nationale de l’informatique et des libertés, issued a 400,000 euro fine to U.S.-based biotechnology firm Monsanto Company for violating an individual's right to know under the EU General Data Protection Regulation. Monsanto allegedly held a file carrying personal information of 200 individuals without informing them what data was collected. Information gathered included individuals' occupations, company address and phone number, as well as personal mobile number and email address.
28 July 2021
CNIL issues 400K euro GDPR fine over 'right to know'
Related stories
Notes from the IAPP Canada: AI, collaboration, deidentification on privacy pros' minds
A view from DC: Nontariff barriers in the spotlight
A dilemma of distrust: How data governance and privacy can rebuild customer confidences
A view from Brussels: What is and isn't in the EU's AI Continent Action Plan
Notes from the Asia-Pacific region: Regulatory developments in China, Hong Kong