France's data protection authority, the Commission nationale de l’informatique et des libertés, issued a 400,000 euro fine to U.S.-based biotechnology firm Monsanto Company for violating an individual's right to know under the EU General Data Protection Regulation. Monsanto allegedly held a file carrying personal information of 200 individuals without informing them what data was collected. Information gathered included individuals' occupations, company address and phone number, as well as personal mobile number and email address.
28 July 2021
CNIL issues 400K euro GDPR fine over 'right to know'
Related stories
4 critical compliance areas companies should review after CPPA's Honda settlement
Addressing the most difficult issues facing a US federal privacy law
Notes from the IAPP Canada: OPC's data breach self-assessment tool is bold, helpful
Notes from the Asia-Pacific region: Regulatory developments in full swing
FTC commissioner removals in focus at US House children's online safety hearing