A dive into the Swedish DPA’s first GDPR fine

The Swedish data protection authority, Datainspektionen, initiated an audit of the public school board of Skellefteå municipality earlier this year after having received media reports that the school board, in a trial project at Anderstorps upper secondary school, had used facial-recognition technology to register student presence during a few weeks. After it conducted its investigation, the Swedish DPA fined the school SEK 200,000 ($29,000 U.S.), which was the first fine it had administered under the EU General Data Protection Regulation. In a piece for The Privacy Advisor, Sharp Cookie Advisors Partner Sofia Edvardsen, CIPP/E, breaks down the enforcement action and explains how the DPA set a high standard for future penalties.
Full Story

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips