Corporación radiotelevisión espanola – €60,000 Fine (Spain, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Corporación radiotelevisión espanola lost six unencrypted USB sticks containing personal data of about 11,000 people. This breach led to a fine because the company failed to protect sensitive information, including health and criminal records. Businesses should ensure data is encrypted to prevent unauthorized access.
What happened
Corporación radiotelevisión espanola lost six unencrypted USB sticks with personal data.
Who was affected
About 11,000 people whose identification, employment, health, and criminal data were on the USB sticks.
What the authority found
The Spanish data protection authority fined the company for not securing personal data as required by GDPR.
Why this matters
This case highlights the importance of encrypting sensitive data to avoid breaches and fines. Companies must prioritize data security to protect personal information and comply with GDPR.
GDPR Articles Cited
CORPORACIÓN RADIOTELEVISIÓN ESPAÑOLA and the trade union have reported a security breach to the AEPD after six unencrypted USB sticks containing personal data were lost. The violation affected about 11,000 people, including identification data, employment data, data about criminal convictions and health data.
Related Enforcement Actions (0)
No other enforcement actions found for Corporación radiotelevisión espanola in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
19 November 2019
Authority
Agencia Española de Protección de Datos
Fine Amount
€60,000
Enforcement Tracker ID
ETid-113
About this data
Cite as: Cookie Fines. Corporación radiotelevisión espanola - Spain (2019). Retrieved from cookiefines.eu
Last updated: