The Dutch data protection authority, Autoriteit Persoonsgegevens, fined tax authorities 3.7 million euros for violating the EU General Data Protection Regulation. The fine, the highest the DPA has ever imposed, was based on six violations including no legal basis for the processing of personal data, the goal of Fraud Signaling Facility was not defined in advance, contained incorrect information and information was kept for too long. The tax authorities can appeal the decision.
12 April 2022
Dutch DPA issues its highest fine
RELATED STORIES
Looming challenges for the EU AI Act's Code of Practice
Tracking evolving policy paradigms in a hallmark year for AI governance
AI and patents: What qualifies as a creator
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
