€5.5 million fine imposed on WhatsApp Irelands Data Protection Commission issued a €5.5 million fine against Meta’s social networking platform WhatsApp for breaching its transparency obligations by not providing clear information on how the company processed personal data. Further users were forced to accept the processing of their data in the Terms of Service. Read More

CNIL issues €3million fine against video game company Voodoo Investigation carried out on voodoo.io by French DPA CNIL found that smartphone video game company Voodoo tracked users browsing habits for advertising purposes even after users refused tracking. This was done once the application was downloaded on an iPhone. The company has been required to make necessary changed within 3 months of the notice or will be liable to pay €20,000 per day for non-compliance. Read More

FTC finalizes order with Drizly after 2.5 million consumers personal data exposed in breach The Federal Trade Commission finalized an order with Drizly, an online alcohol marketplace and its CEO, after massive breach which exposed personal information of around 2.5 million users. FTC ordered Drizly to destroy any personal data collected that is not necessary to only collect and store data that is required and to provide information on its website about what data it collected and why. Read More

AI Rick Management Framework soon to be published by NIST The first iteration of Artificial Intelligence Risk Management Framework will be published by the U.S. National Institute of Standards and Technology on January 26th to further the risk management efforts of those associated with AI. Read More