IT Security & Privacy

Data is a constant subject of discussion in the context of security. Custody of personal data is heavily regulated, and systems are designed to protect anonymity, even though it can never be fully guaranteed. Security breaches are costly, not only because of the breach itself, but because of the scrutiny and liability that follow. As a result, privacy has increasingly become a value proposition for products and services that collect and retain personal information.

France’s data protection authority has fined Mobius Solutions €1 million after finding that the company, acting as a processor for music-streaming platform Deezer, failed to comply with core GDPR obligations tied to subcontracting and data handling.

Croatia’s Personal Data Protection Agency has imposed an administrative fine of €1.5 million on a bank for multiple violations of the General Data Protection Regulation, following findings that the institution unlawfully collected extensive personal data from users of its mobile banking application.

California’s privacy regulator is sharpening its focus on data brokers that may be obscuring their identities or relying on corporate affiliations to sidestep registration requirements, as a new consumer deletion platform prepares to go live in 2026.

The Netherlands’ data protection authority has warned users and organizations to think carefully before continuing to use TikTok, after confirming that the platform is still transferring personal data of European users to China despite a joint finding by EU privacy regulators that such transfers are unlawful under the GDPR.

SAP systems store sensitive business data, run mission-critical processes, and ensure that operations continue uninterrupted. However, having the SAP GRC product suite or similar governance, risk, and compliance tools does not cover all aspects of system security. Relying on them to keep you safe is a recipe for infiltration.

SoundCloud has confirmed with Bleeping Computer that a recent wave of service outages and access issues stemmed from a security incident that exposed a subset of user data, as the company moved to contain unauthorized access to parts of its infrastructure.