UK retailer revises number of users affected by data breach from 1.2 million to 10 million
The revised estimate refers to a previously reported figure estimating the number of "personal records" affected. The group's initial announcement on 13th June also revealed 5.9 million payment cards have been affected by the breach.
When lawmakers, governments and regulators are terrible at complying with the GDPR, why should anyone else bother?
They want to infer consent, they want to craft new rules for their own data collection activities and they want to fine themselves less than they demand private organizations be fined. When regulators and lawmakers are this bad at implementing data protection practices, what hope does anyone else have?