The Swedish Data Protection Authority (IMY) has imposed a fine of 15 million Swedish kronor (approximately 1.3 million EUR) on Avanza Bank AB for violating data protection regulations. The decision comes after a thorough investigation into a data breach that occurred between November 15, 2019, and June 2, 2021.
The Federal Trade Commission (FTC) has taken decisive action against Avast, a prominent software provider known for its antivirus and browser extension products. The finalized order, stemming from charges first announced in February, imposes a dual penalty on the company: a prohibition on selling web browsing data for advertising purposes and a substantial $16.5 million fine.
On June 25, 2024, the California Privacy Protection Agency (CPPA) and France's Commission Nationale de l'Informatique et des Libertés (CNIL) signed a landmark declaration of cooperation in Paris. This agreement aims to strengthen efforts in safeguarding personal information and advancing privacy rights across borders.
Synnovis, a pathology laboratory handling blood tests for multiple NHS organizations in South East London, has fallen victim to a cyber attack, triggering concerns over potential data exposure affecting NHS patients.
The European Union Agency for Cybersecurity (ENISA) has concluded its 7th edition of Cyber Europe, one of the largest cybersecurity exercises in Europe, held in June 2024. This year's exercise focused on testing the resilience of the EU energy sector against sophisticated cyber threats, underscoring the critical nature of energy infrastructure in an increasingly ICT-dependent society and showcasing the crucial role of the European cyber crisis liaison organization network (EU-CyCLONe).
On April 7, 2024, U.S. Senator Maria Cantwell (D-WA), Chair of the Senate Committee on Commerce, Science and Transportation, and U.S. Representative Cathy McMorris Rodgers (R-WA), Chair of the House Committee on Energy and Commerce, released a discussion draft of the American Privacy Rights Act (APRA). This bipartisan, bicameral draft legislation seeks to unify the fragmented landscape of sectoral-based and state-specific data privacy laws in the United States.
The data protection authorities of the United Kingdom and Canada have announced a collaborative investigation into the significant data breach at 23andMe, a leading global provider of direct-to-consumer genetic testing services.