The Dutch data protection authority, Autoriteit Persoonsgegevens, fined Booking.com 450,000 euros for violations related to a 2018 breach. The AP alleges the reservation service provider did not report a breach involving more than 4,100 customers until 22 days after the incident came to light. The delay fell outside of the 72-hour breach notification requirement. AP Vice President Monique Verdier said breaches can "happen anywhere" despite "good precautions," however, she added that "you have to report this in time" to protect customers.
31 March 2021
Dutch DPA issues 450K euro fine over breach reporting
Related stories
Privacy in the age of robotics: A discussion with Erin Relford
GPS 2025: Sam Altman, Alex Blania discuss Tools for Humanity's biometric technology
Notes from the IAPP Canada: An evolving approach to privacy amid geopolitical shifts
GPS 2025: European regulators reflect on pay or consent enforcement, concerns
GPS 2025: Collaboration, precision highlight future of US state privacy law enforcement
