regulatory fines

On April 28, 2020, the Dutch Supervisory Authority (“Dutch SA”) announced its decision to impose a fine of €725,000 on a company for unlawfully processing the biometric data of its employees.

In 2018, the company concerned installed an access and time management system that collected and processed biometric templates of employees’ fingerprints.  This initiative came about following indications of fraudulent use of the company’s existing badge-based time management system.  After installation, the company’s old system co-existed with the new system, and employees were free to choose the method by which to sign in to work.  One of the employees subsequently filed a complaint with the Dutch SA, which led to this investigation.Continue Reading Dutch Supervisory Authority Fines Company for Processing Biometric Data of Employees

On July 17, 2018, the Portuguese Supervisory Authority (“CNPD”) imposed a fine of 400.000 € on a hospital for infringement of the European Union General Data Protection Regulation (“GDPR”).  The decision has not been made public.  Earlier this week, the hospital publicly announced that it will contest the fine.

According to press reports, the CNPD

As a reminder, telecommunications carriers must submit their annual certifications regarding customer proprietary network information (CPNI) by March 1.  CPNI is private customer information concerning telecommunications. Telecommunications carriers and providers of interconnected Voice over Internet Protocol (VoIP) must certify annually to the FCC that they comply with their obligations to protect and limit disclosure of CPNI.Continue Reading CPNI Certifications Due on March 1