The data protection authority fined an Italian airport company because the software used has insufficient protection for personal data. In the course of the investigations, it turned out that a secure network protocol (such as HTTPS protocol) was missing and the software itself did not encrypt the data. The authority considered it a breach of the obligation to implement technical and organizational measures that ensure an appropriate level of security.
Art des Verstoßes:
inadequate data protection
Waren sensible Daten betroffen?: