On 9 July 2019 Marriott International announced that UK Information Commissioner’s Office (ICO) had communicated its intent to issue a fine in the amount of £99 200 396 against the company in relation to the ‘Starwood guest reservation database’ incident that Marriott announced on 30 November 2018. In this incident a variety of personal data contained in approximately 339 million guest records globally were exposed, of which around 30 million related to residents of 31 countries in the European Economic Area (EEA), while seven million related to UK residents.
Over one year after the entry of the GDPR into force, on 24 July 2019 the European Commission published a report looking at the positive impact of the EU data protection rules and how they can be improved further.
After the scandal around Facebook and Cambridge Analytica broke in the first half of 2018 (when Cambridge Analytica used data to profile and target individual voters for the purpose to predict and influence their decisions at elections), another data protection authority has fined Facebook for personal data misuse.
After the scandal around Facebook and Cambridge Analytica broke in the first half of 2018, another data protection authority has fined Facebook for personal data misuse. The Italian Data Protection Authority fined Facebook for €1M for violating the provisions of national privacy laws by misusing personal data of Italian citizens.
On 29 May 2019 the EU Commission published a guidance on the interaction between the Regulation on the free flow of non-personal data (FFD Regulation) and the General Data Protection Regulation
In the middle of April 2019, new rules on the protection of persons reporting on breaches of European Union law were adopted by the European Parliament, and as a next step the directive must be approved by EU ministers.