The Dutch Data Protection Authority has released the first GDPR fining policy in the EU. It consists of a four-category system, based on company size, the maximum fine and factors including the duration of the offense, the number of people affected and how quickly the company reacts. 

European data regulators have hit firms with €56 million in combined fines from more than 200,000 cases in the first nine months of GDPR. That’s just the start. 

Hospitality brands ask customers for their email addresses, then start barraging them with annoying messages, often driving them to unsubscribe. Here are five ways to improve hospital email marketing. 

Here is of one of those lists that should be titled: Don’t do these things. It covers 10 common ecommerce mistakes, but offers advice on how to avoid them. 

Facebook is the subject of a criminal investigation over its data practices, The New York Times reports. A New York grand jury has subpoenaed information on two companies that make smartphones and other devices; Facebook allegedly gave them access to data on hundreds of millions of users.

The Washington State Senate has overwhelmingly passed SB 5376 -- the Washington Privacy Act. The act follows the GDPR playbook to protect consumer privacy. 

Retailers may dream about unifying all the data they have to provide a personalized experience across all channels. But they already have that capability — via email marketing. Here’s why. 

Email marketers are barraged with input on advanced strategies and tactics. But even the most senior of them have to return to the basics from time to time. Ryan Phelan reviews the foundational elements of acquisition, onboarding, promotions and unsubscribe. 

UK firms took 60 days to recognize data breaches, and 21 days to report the incidents prior to GDPR, Redscan reports. The longest time to identify a breach was 1,320 days. The longest time to report it was 142 days. 

In an apparent email screw-up, The University of Chicago Law School emailed names, GPAs, TOEFL scores and application decisions with comments on all LLM applicants to everyone who was accepted into the program. The school asked recipients to delete the emails, and to confirm that they had done so.