Offbeat

Legal

EU've been naughty: GDPR has netted bloc €114m in fines since 2018

France, Germany and Austria house the most offenders – survey


EU regulators have slapped businesses with an estimated €114m (£97.29m) in fines for data leakage or crappy practices since GDPR was introduced in May 2018, although bigger numbers are expected in future penalties.

Regulators in France, Germany, and Austria reported the biggest fines so far, according to a report by law firm DLA Piper. More than 160,000 breaches have been reported across EU member states plus Norway, Iceland and Liechtenstein. The latter three are all members of the European Economic Area but not full EU members.

France was responsible for the heftiest financial penalty, hitting Google with a €50m bill for infringement of the transparency principle and lack of valid consent.

The Netherlands reported the largest number of offenders, with 40,647 breaches notified to regulators. Germany came in second with 37,636 notifications, and Britain came in third with 22,181.

The UK's Information Commissioner's Office has already announced its intention to fine British Airways £183m for computer attacks that exposed 500,000 customers' data last year, and hotel chain Marriott £99m over a cyber attack in which hackers stole the record of 339 million guests.

GDPR was established to protect privacy by imposing restrictions on how companies use and protect customers' data. The legislation gave regulators the power to fine companies as much as 4 per cent of global annual revenues for serious violations.

The fines so far are small in comparison to the EU's anti-trust cases, which last year alone stung Google with a record €4.3bn fine over the Android mobile OS. Yet GDPR fines are likely to rise as they establish legal precedents, according to Ross McKean, a partner at DLA Piper specialising in cyber and data protection.

"The total amount of fines of €114m imposed to date is relatively low compared to the potential maximum fines that can be imposed under GDPR, indicating that we are still in the early days of enforcement," he said in a statement. "We expect to see momentum build with more multimillion-euro fines being imposed over the coming year as regulators ramp up their enforcement activity." ®

Send us news
35 Comments

Missouri governor demands prosecution of reporter for 'decoding HTML source code' and reporting a data breach

Salus populi suprema lex esto ... or perhaps not

A Missouri politician has been relentlessly mocked on Twitter after demanding the prosecution of a journalist who found and responsibly reported a vulnerability in a state website.

Mike Parson, governor of Missouri, described reporters for local newspaper the St Louis Post Dispatch (SLPD) as "hackers" after they discovered a web app for the state's Department of Elementary and Secondary Education was leaking teachers' private information.

Around 100,000 social security numbers were able to be exposed when the web app was loaded in a user's browser. The public-facing app was intended to be used by local schools to check teachers' professional registration status. So users could tell between different teachers of the same name, it would accept the last four digits of a teacher's social security number as a valid search string.

Continue reading

Everyone who wants a smartphone for Chrimbo will get one, but in the real world things are somewhat different

Global handset market slips in Q3 on sliding chipset availability, says Canalys

Crippling component shortages caused smartphone shipments to dip in calendar Q3, though it was the also-rans, vendors outside of the top five biggest brands with the lowest economies of scale, that suffered most.

Preliminary results from Canalys show the market declined 6 per cent year-on-year. The analyst was not yet ready to make public the absolute shipment figures but a year ago sales into the channel were 348 million, so they look 20.9 million units lighter.

"The chipset famine has truly arrived," said Ben Stanton, principal analyst. "On the supply side, chipset manufacturers are increasing prices to disincentivize over-ordering, in an attempt to close the gap between supply and demand. But despite this, shortages will last until well into 2022."

Continue reading

Windows terminates here. Please remember to finish setting it up on arrival

Washington Metro admin has taken an early lunch

Bork!Bork!Bork! It's a whole new world for bork today as a Washington Metro platform indicator suggests an alternative to the usual train for weary commuters. How about getting a bit more out of Windows?

This is a suggestion that everyone wants to see while waiting for a Yellow Line train at Washington Metro's Huntington Station (located, helpfully, on Huntington Avenue in the Huntington Area).

Continue reading

Boeing 737 Max chief technical pilot charged with deceiving US aviation regulators over MCAS

He hasn't got $2.5bn to hand to the DoJ, unlike his bosses

A Boeing 737 Max test pilot has been charged with obstructing US aviation safety regulators, according to the US Department of Justice, and faces up to 20 years in prison if convicted.

Former 737 Max chief technical pilot Mark Forkner, 49, of Texas, has been charged with "deceiving the Federal Aviation Administration's Aircraft Evaluation Group" (AEG) and committing fraud by misleading Boeing's airline customers into believing the 737 Max was a safe aircraft.

"Forkner allegedly abused his position of trust by intentionally withholding critical information about MCAS during the FAA evaluation and certification of the 737 MAX and from Boeing's US-based airline customers," said Assistant Attorney General Kenneth A Polite Jr of the Justice Department's Criminal Division in a statement.

Continue reading

Keep expectations low and you won't be disappointed: OVH manages 6 per cent increase on its IPO debut

French cloud provider puts outage and fire behind it to focus on beating the big players

French cloud and colocation service provider OVH has edged a 6 per cent increase in its nominal market valuation following its initial public offering on the Euronext Paris stock exchange.

The Gallic tech challenger, viewed by some as the great cloud hope for Europe, has faced its fair share of challenges this year, having seen fire engulf its Strasbourg operations on 10 March.

But the European IPO proved hot in other ways, with shares up to around €19.70, well on track with the launch price range of €18.50-€20.

Continue reading

Space boffins: Exoplanet survived hydrogen-death of its host star

Hope extended to gas giants across the universe... well, it is Friday

Those of us fatalistically counting down the minutes until the Earth is engulfed by the dying embers of the Sun in approximately 5 billion years might be offered a glimmer of hope by the news that planets – or at least gas giants – can survive the collapse of their host star.

Joshua Blackman, a postdoctoral researcher at Australia's University of Tasmania, and his colleagues have found evidence of a Jupiter-like planet orbiting a white dwarf star somewhere outside the Solar System off in the Milky Way.

It is the first time scientific evidence of a planet surviving a star's collapse has been presented, although theoretical models predicted it is possible, according to a study published in Nature.

Continue reading

Spanner in the works: The goal is not 100% compatibility, Google says of PostgreSQL interface

Meanwhile, Yugabyte says PostgreSQL compatibility for its distributed database dates back to 2019

Google has clarified details of the interface between its popular distributed SQL database-management-cum-storage-service Spanner and the open-source RDBMS PostgreSQL.

According to a blog published this week, Spanner's PostgreSQL interface uses "the familiarity and portability of PostgreSQL" to make developers' lives easier.

"Teams can be assured that the schemas and queries they build against the Spanner PostgreSQL interface can be easily ported to another PostgreSQL environment, giving them flexibility and peace of mind," said Justin Makeig, product manager for Cloud Spanner.

Continue reading

German Pirate Party member claims EU plans for a GDPR-compliant Whois v2 will lead to 'doxxing and death lists'

ICANN also dislikes it but web infrastructure firms don't really mind

The European Union has drawn the ire of privacy activists for proposals to put real names and contact details back into Whois lookups, as part of its Network and Information Systems (NIS) Directive.

The EU Commission's draft update to the NIS Directive has been slowly grinding through the bloc's bureaucracy, and this week German Pirate Party MEP Patrick Breyer declared it "a big step towards abolishing anonymous publications and leaks on the internet."

Why? Because the draft directive's explanatory memorandum [PDF] says domain registries will have to "establish policies and procedures for the collection and maintenance of accurate, verified and complete registration data, as well as for the prevention and correction of inaccurate registration data."

Continue reading

Who are shortages good for? The channel! World's biggest distributor forecasts tech price hikes from January

Things not likely to improve until 2023

Canalys Forum 2021 Technology price rises are about as welcome Windows 11's needy hardware specs but one part of the industry is quietly happy about the inflationary conditions caused by industry-wide component shortages – the channel.

A raft of finished goods are costing more to produce in 2020 and this is being passed onto the end users, including PCs and networking gear.

At the Canalys Forum, an annual event for tech suppliers, Steve Brazier, CEO at the market researcher-cum-consultancy, was effervescent about the state of play.

Continue reading

Reg readers: Don't assume anything when sharing health data

Debate exhibits chronic distrust of policy makers, Big Pharma, and insurance companies

Register debate This week's Register Debate tussled over the motion Assumed consent is the right approach for sharing healthcare patients' data, beyond their direct care. The results are in, and as you can see, we have a clear winner.

AMP pages do not support showing a poll for debates.

It's possible that there are more intimate forms of personal data than our health records. However those generally arise purely as a result of our personal choices.

Continue reading

All I want for Christmas is a delivery address that a delivery courier can find

Send me an SMS and I’ll tell you everything

Something for the Weekend, Sir? Below the note is scrawled an ominous threat: "We know where you live."

Instinctively I look up and down the street in case I can spot who might have just stuffed the note halfway into my letterbox. Is anyone hurrying away, suspiciously covering their face? An unmarked van parked opposite with darkened windows?

Nope. I re-read the handwritten message. "We know where you live."

Continue reading