ARTICLE
10 December 2018

The Weekly Privacy Rewind December - 5, 2018

B
BakerHostetler

Contributor

BakerHostetler logo
Recognized as one of the top firms for client service, BakerHostetler is a leading national law firm that helps clients around the world address their most complex and critical business and regulatory issues. With five core national practice groups — Business, Labor and Employment, Intellectual Property, Litigation, and Tax — the firm has more than 970 lawyers located in 14 offices coast to coast. BakerHostetler is widely regarded as having one of the country’s top 10 tax practices, a nationally recognized litigation practice, an award-winning data privacy practice and an industry-leading business practice. The firm is also recognized internationally for its groundbreaking work recovering more than $13 billion in the Madoff Recovery Initiative, representing the SIPA Trustee for the liquidation of Bernard L. Madoff Investment Securities LLC. Visit bakerlaw.com
Explore
British and Dutch privacy regulators issued fines totaling approximately $1.2 million against ride-hailing company Uber over its 2016 data breach.
Worldwide Privacy
Photo of Aaron R. Lancaster
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

GDPR

European Regulators Fine Uber Over 2016 Data Breach

  • British and Dutch privacy regulators issued fines totaling approximately $1.2 million against ride-hailing company Uber over its 2016 data breach.
  • According to the U.K.'s Information Commissioner's Office, "a series of avoidable data security flaws" led to the exposure of personal information of approximately 2.7 million British Uber users, prompting a fine of £385,000.
  • Similarly, the Dutch Data Protection Authority (DPA) fined the company €600,000 for the breach, predominantly for not reporting the breach to the DPA and data subjects within 72 hours.

Europe

Serbia Enacts New Data Protection Law

  • While its admission to the EU is pending, Serbia recently enacted its own GDPR-like data protection law, which goes into effect on August 21, 2019.
  • The new Serbian law applies to data controllers and processers both inside and outside Serbia that process the personal data of Serbs. Also like the GDPR, the law will require notification to the Serbian DPA within 72 hours of a breach and to affected individuals if the breach is likely to result in a high risk to their rights and freedoms.
  • Unlike under the GDPR, however, penalties are capped at €17,000.

U.S. Senate

Senators Grill FTC About Privacy Enforcement

  • In a hearing before the U.S. Senate's Subcommittee on Consumer Protection, Product Safety, Insurance and Data Security, all five Federal Trade Commission (FTC) commissioners faced questions about the agency's privacy enforcement.
  • Senators, including subcommittee chair Jerry Moran (R-Kan.), suggested that the passage of the GDPR and California's Consumer Privacy Act demonstrates the need for enhanced federal privacy legislation. The Commissioners agreed with this sentiment, noting that Section 5 of the FTC Act is an imperfect tool to enforce privacy rights.
  • According to FTC Chairman Joseph Simons, the Commission is "hopeful that Congress can craft legislation that would more seamlessly balance consumers' legitimate concerns regarding collection, use and sharing of their data, while providing the flexibility to foster competition and innovation to the benefit of consumers."

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Aaron R. Lancaster
Aaron R. Lancaster
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More