France's data protection authority, the Commission nationale de l’informatique et des libertés, issued a 400,000 euro fine to U.S.-based biotechnology firm Monsanto Company for violating an individual's right to know under the EU General Data Protection Regulation. Monsanto allegedly held a file carrying personal information of 200 individuals without informing them what data was collected. Information gathered included individuals' occupations, company address and phone number, as well as personal mobile number and email address.
28 July 2021
CNIL issues 400K euro GDPR fine over 'right to know'
Related stories
A view from Brussels: Putting AI to the test on EU privacy, data protection developments
Why organizations should prioritize employee data protection to combat spear phishing
Notes from the Asia-Pacific region: Santa's on his way, bringing guidance from Singapore's PDPC, adoption of Vietnam's Data Law and more
EDPB weighs in on key questions on personal data in AI models
New tools aim to improve data activity monitoring, compliance efficiency
