LastPass fined GBP 1.2M. Online marketplaces responsible for sensitive data.

Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.

Password manager provider fined £1.2M by ICO for data breach affecting up to 1.6 million people in the UK

ico.org.uk • 3 min read

💶 The ICO has fined LastPass £1.2 million after concluding that inadequate security controls had enabled a breach in 2022, exposing the personal data of up to 1.6 million UK users - despite the fact that passwords had remained encrypted... read more

CJEU: Online marketplaces are responsible for users’ sensitive data under the GDPR

dataprotection.ro • 6 min read

🧑‍⚖️ In the Russmedia case (C-492/23), the CJEU ruled that online marketplaces are controllers of personal data in user ads. They must therefore proactively detect sensitive data, verify identity or explicit consent, and implement technical measures to prevent unlawful copying… read more (article in Romanian).

👉 Court’s decision here.

European cybersecurity regulatory update: NIS2 and beyond

twobirds.com • 3 min read

🛡️With the transposition of NIS2 accelerating and further EU cybersecurity reforms expected in 2026, this article highlights the key regulatory developments and practical steps that organisations should prioritise to ensure compliance… read more

Gambling operator fined €15,000

economedia.ro • 4 min read

🎲 Romania’s data protection authority has fined online gambling operator Crowd Entertainment €15,000 after finding it failed to provide a complete and timely response to a customer’s subject access request, including information on self-exclusion, in breach of Article 15 GDPR.… read more (article in Romanian).

Digital Omnibus reshapes EU cookie rules but leaves banner fatigue largely intact

osborneclarke.com • 7 min read

🍪 The EU's Digital Omnibus Proposal shifts cookie rules under GDPR with narrow exemptions for essential functions, yet retains strict consent mechanics and technical signals unlikely to eliminate intrusive banners soon… read more

--

Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.