News

IT’S THE LAW (09/20/2022)

Indonesia is set to pass its Personal Data Protection Bill (PDP) this week. The law, which gives companies two years to comply, will require data operators to obtain consent from individuals for collecting personal data or medical history. The strict penalty for noncompliance is up to 5 years in jail and a maximum fine of 5 billion rupiah (US $337,000). The law stipulates that personal information collected must be for a specific purpose only and that data must be erased once the purpose has been met.

More News

Next Article

South Korea’s biggest fine to date ($71.8M) goes to…Google and Meta!

September 20, 2022

South Korea found Google & Meta violating its privacy law, so now slapped them with fines: 69.2 billion KRW (~$50 million – Google) and 30.8 billion KRW (~$22 million – Meta). The companies had not obtained consent before collecting data from site users, then enabled targeting with customized ads. At Google, users were not clearly informed of use plans and a default forced them to “agree.” At Meta, details about data use plans were not provided, nor was consent obtained before using behavioral and personal information.

CDPI Privacy Newsletter
Previous Article

FTC not amused by sleight-of-hand ads and issues “dark patterns” report to expose methods

September 20, 2022

Ad trickery using psychological games, misleading claims, hidden disclosures or other bait and switch tactics are not new to sales, but the move to online has presented new opportunities to lure and ensnare prospective buyers. A new US Federal Trade Commission (FTC) report displays examples of what’s called “dark patterns,” deceptive design practices used to dupe customers. The report is part of a larger effort by the FTC to identify and stop unfair business practices. This shortly after the FTC issued a policy statement warning companies against illegally tricking or... Read More >

CDPI Privacy Newsletter