The Register: Website fined by German court for leaking visitor’s IP address via Google Fonts . “Earlier this month, a German court fined an unidentified website €100 ($110, £84) for violating EU privacy law by importing a Google-hosted web font. The decision, by Landgericht München’s third civil chamber in Munich, found that the website, by including Google-Fonts-hosted font on its pages, passed the unidentified plaintiff’s IP address to Google without authorization and without a legitimate reason for doing so. And that violates Europe’s General Data Protection Regulation (GDPR).”
TechCrunch: In bad news for US cloud services, Austrian website’s use of Google Analytics found to breach GDPR
TechCrunch: In bad news for US cloud services, Austrian website’s use of Google Analytics found to breach GDPR. “A decision by Austria’s data protection watchdog upholding a complaint against a website related to its use of Google Analytics does not bode well for use of US cloud services in Europe. The decision raises a big red flag over routine use of tools that require transferring Europeans’ personal data to the US for processing — with the watchdog finding that IP address and identifiers in cookie data are the personal data of site visitors, meaning these transfers fall under the purview of EU data protection law.”
BBC: WhatsApp issued second-largest GDPR fine of €225m. “WhatsApp has been fined €225m (£193m) by Ireland’s data watchdog for breaching privacy regulations. It is the largest fine ever from the Irish Data Protection Commission, and the second-highest under EU GDPR rules. Facebook, which owns WhatsApp, has its EU headquarters is in Ireland, and the Irish regulator is the lead authority for the tech giant in Europe.” €225m is about $266.5 million USD.
Jurist: Sweden court rejects Google’s appeal in data privacy case. “The Administrative Court of Stockholm on Monday rejected Google’s appeal against the decision of the Swedish data protection authority (Authority) and confirmed that Google has violated the provisions of the EU’s General Data Protection Regulation (GDPR).”
CoinTelegraph: Brave Browser Delivers on Promise, Files GDPR Complaint Against Google. “Now, the complaint is with the Irish Data Protection Commission. It accuses Google of violating Article 5(1)b of the GDPR. Dublin is Google’s European headquarters and, as Dr. Ryan explained to Cointelegraph, the Commission ‘is responsible for regulating Google’s data protection across the European Economic Area’.”
European Data Protection Board: The Swedish Data Protection Authority imposes administrative fine on Google
European Data Protection Board: The Swedish Data Protection Authority imposes administrative fine on Google. “The Swedish Data Protection Authority imposes a fine of 75 million Swedish kronor (approximately 7 million euro) on Google for failure to comply with the GDPR. Google as a search engine operator has not fulfilled its obligations in respect of the right to request delisting.” 7 million euro is roughly $7.8 million USD.
BBC: Internet provider faces big GDPR fine for lax call centre checks. “A German internet service provider faces a €9.6m ($10.6m; £8m) fine after being accused of failing to carry out tough enough customer ID checks. Germany’s data protection watchdog said anyone who called 1&1 Telecom could get extensive personal information about someone else solely by giving their name and date of birth.”
BetaNews: Brave browser accuses Google of using hidden web pages to track users. “Google stands accused of using hidden web pages to circumvent EU privacy regulations, secretly sending users’ personal data to advertisers.”
Phys .org: One year on, EU has 145,000 data law complaints. “One year after the entry into force of landmark EU rules to better protect personal data, nearly 145,000 complaints have been registered, an initial assessment revealed on Wednesday.”
CNET: Google appeals $57M GDPR fine, defends privacy practices. “Google will appeal a fine imposed by the French government over European privacy rules, the company said Thursday. France’s privacy regulator said earlier this week that it’s fining the internet giant 50 million euros (about $57 million) for not properly disclosing to people how their data was collected and passed to advertisers.”
Search Engine Journal: WP GDPR Plugin Hacked – Update Immediately. “The popular WP GDPR Compliance plugin Plugin has a serious vulnerability.Any version less than 1.4.3 is vulnerable. Hackers are actively targeting this plugin. Sites are being hacked as of this writing. It is highly recommended to update now.”