The General Data Protection Regulation, or GDPR, has been in effect since May 2018, and incorrect implementation can be quite expensive.

The provider 1&1 Telecom GmbH was now able to experience this firsthand, as the Federal Commissioner for Data Protection and Freedom of Information (BfDI) fined the telecommunications service provider €9,550,000 for violating the GDPR.

The reasoning

The company had not taken sufficient technical and organizational measures to prevent unauthorized persons from obtaining information about customer data via telephone customer service. In another case, the BfDI a fine of 10,000 euros on Rapidata GmbH .

[mk_ad]

The trigger

As reported by
The problem: The ex-husband was being stalked by the woman, so the man wasn't really happy about 1&1 releasing his number.

The BDFI became aware of the case and saw the identification procedure at the time as a violation of Article 32 GDPR , according to which the company is obliged to take appropriate technical and organizational measures to systematically protect the processing of personal data.

Authentication process has been secured

After the BfDI criticized the inadequate data protection, 1&1 Telecom GmbH insightful and extremely cooperative. In a first step, the authentication process was made more secure by requesting additional information. In a further step, 1&1 Telecom GmbH introducing a new, technically and data protection-significantly improved authentication process after consultation with the BfDI

Regardless of these measures, a fine was required. Among other things, the violation was not only limited to a small number of customers, but represented a risk for the entire customer base. When determining the amount of the fine, the BfDI in the lower category due to the cooperative behavior of 1&1 Telecom GmbH Range of possible fines.

[mk_ad]

1&1 is suing against the fine

1&1 Telecom GmbH will not accept the fine issued against it by the Federal Commissioner for Data Protection and Freedom of Information (Federal Data Protection Commissioner) and will take legal action against it.

“The fine is absolutely disproportionate. The new fine regulation, according to which the amount was calculated and which applies to the entire German economy, was published on October 14, 2019 and is based on annual group sales. Even the smallest deviations can result in huge fines. However, in the General Data Protection Regulation (GDPR), turnover is not used as a criterion for determining the amount of the fine. In addition, the new fine logic violates the Basic Law, in particular the principles of equal treatment and proportionality.”

the company said in a press release .

Sources: BfDI , 1&1
Article image: 1&1

Also interesting:


If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )