Privacy

The Data Protection Commission handed down administrative fines totalling €652 million last year, according to its latest annual report. The privacy watchdog issued 11 finalised inquiry decisions in 2024, including high-profile decisions on inquiries into LinkedIn and Meta, which alone made up

The UK's data protection watchdog has fined genetic testing company 23andMe £2.31 million for failing to implement appropriate security measures to protect the personal information of UK users, following a large-scale cyber attack in 2023. The penalty follows a joint investigation conducted by

Biometric data collected from 70 per cent of the Irish population over the past 15 years should be deleted immediately, the Irish Council for Civil Liberties (ICCL) has said. The NGO has criticised the decision in the Data Protection Commission's (DPC) inquiry into the Department of Social Protectio

The Department of Social Protection has been fined €550,000 for breaches of the GDPR relating to the requirement for public services card (PSC) applicants to provide their biometric data. The Data Protection Commission (DPC) today announced its final decision following the conclusion of an inqu

William Fry lawyers John O'Connor, Rachel Hayes and Conor Forde look at new EDPB guidelines on the use of blockchain and their impact on the Web3 industry. On 14 April 2025, the European Data Protection Board (EDPB) opened its public consultation on its guidelines for the processing of personal data

The High Court has paved the way for a class action lawsuit to be brought against Microsoft over advertising technology alleged to breach users' privacy rights. The Irish Council for Civil Liberties (ICCL) yesterday applied to the court for what it said would be Ireland's first-ever class action law

As the GDPR turns seven, William Fry lawyers Rachel Hayes and India Delaney consider new EU proposals to amend the landmark data protection law. On 25 May 2025, we marked the seventh anniversary of the General Data Protection Regulation (GDPR) coming into effect. Over the past seven years, the GDPR

Microsoft is facing what has been described as Ireland's first class action lawsuit after the Irish Council for Civil Liberties (ICCL) today launched proceedings in the High Court in Dublin. The legal action, brought under the new EU Collective Redress Directive, alleges that the "real-time bidding"

A consent system relied upon by tech giants including Google, Microsoft, Amazon and X to serve targeted online advertising has been ruled to be incompatible with the GDPR. Belgium's Court of Appeal yesterday ruled on an appeal brought by the Interactive Advertising Bureau (IAB) Europe against an ear

TikTok has said it will appeal a €530 million fine imposed by Ireland's Data Protection Commission (DPC) following an investigation into transfers of EU users' personal data to China. The DPC announced the fine on Friday after finding that TikTok had violated the GDPR in respect of its transfer

TikTok has been fined €530 million by Ireland's Data Protection Commission (DPC) following an investigation into transfers of EU users' personal data to China. The DPC, in its role as the lead supervisory authority for TikTok, launched the inquiry to examine the lawfulness under the GDPR of Tik

The UK's privacy regulator has imposed a £60,000 fine on an English law firm following a cyber attack that led to highly sensitive and confidential personal information being published on the dark web. The Information Commissioner's Office (ICO) found that Merseyside-based DPP Law Ltd had 

The Data Protection Commission (DPC) has launched an investigation into Elon Musk's X social media platform over its use of users' posts as AI training data. X Internet Unlimited Company (XIUC), known until the start of April 2025 as Twitter Internet Unlimited Company (TIUC), was notified last week

A prominent British businessman identified as the subject of allegations of sexual harassment and bullying by a member of the House of Lords, who used parliamentary privilege to circumvent a court injunction, did not suffer a violation of his privacy rights, the European Court of Human Rights has ru

The High Court has dismissed judicial review proceedings in respect of a data breach which allegedly compromised personal data on the applicant’s work phone. Delivering judgment for the High Court, Mr Justice Barry O’Donnell was satisfied that the clear import of the applicant’s co