🇩🇪 독일

The President of the CNIL has the possibility to formal notice a data controller to take the necessary measures, within a period that it sets, to comply with the amended Data Protection Act and, from 25 May 2018, the General Data Protection Regulation (GDPR). The dataset presented concerns the number of formal notices notified each year since 2014 (and their public/non-public breakdown). In addition to the distribution of this game, the content of the public notices is available on Legifrance. Disclaimer: for any questions about the operation of a file and the help that the CNIL can provide you, please do not use the "Discussions" below, which are visible to all and reserved for exchanges on published datasets; use the Need help service (https://www.cnil.fr/en/cnil-direct) or contact the CNIL on 01 53 73 22 22.

General Counsel Legal Automation Workload System (GCLAWS)-VA

According to a survey conducted in May 2024, 45 percent of respondents in the United States were somewhat willing to purchase premium products or services from companies with stronger data protection policies. The same trend can be noticed among different age groups, as more than 40 percent of U.S. respondents in each age group were somewhat willing to buy premium products when it came to data protection. Around half of respondents aged between 25 and 44 were willing to pay extra for better data security, while a comparatively smaller share of 42 percent among respondents aged 18 to 24 years old were willing to do so.

As of February 2025, 19 U.S. states had state-level data privacy laws signed. While the core content in these regulations was similar, they varied in addressing certain business obligations regarding data privacy. According to all state-level laws, businesses are obligated to notify consumers about certain data privacy operations. Furthermore, all signed laws require companies to treat consumers under a certain age with an opt-in default for the sale of their personal information.

Claimant Private Relief Legislative Files-VA

Pollution Prevention (P2) Planning Notices published in the Canada Gazette under the Canadian Environmental Protection Act, 1999 (CEPA) legally require persons subject to the Notice to prepare and implement a pollution prevention plan in respect of a specified substance(s). Environment and Climate Change Canada receives P2 Notice reports which contain information on the P2 plans implemented by facilities as well as the results achieved. Information submitted is publicly available except for parts where confidentiality requests were accepted. The data for each P2 Planning Notice listed alphabetically below is provided in a csv format. Note that reports received for active P2 Planning Notices are searchable via the Online Search of the P2 Planning Reporting Tool.

The General Data Protection Regulation (GDPR) has made it mandatory to notify the CNIL of any personal data breach that creates a risk to the rights and freedoms of data subjects. A data breach is "a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed".

This notification to the CNIL must be made within 72 hours, by the body responsible for processing or by its representative.

For more information on data breaches and the CNIL’s follow-up to notifications: https://www.cnil.fr/notify-a-violation-of-personal-donations

Disclaimer 1: The data published are those transmitted to the CNIL as part of the notifications (excluding those received in the three months preceding the production of the datasets for reasons of confidentiality of the files being processed or recently processed). They may not reflect the Commission's assessment of the situation described.

Warning 2: Each notification in the dataset corresponds to a specific case, which may have led to several subsequent exchanges with the organization concerned or its representative.

Litigation Files-VA

🇺🇸 미국

Patients often provide untruthful information about their health to avoid embarrassment, evade treatment, or prevent financial loss. Privacy disclosures (e.g. HIPAA) intended to dissuade privacy concerns may actually increase patient lying. We used new mouse tracking-based technology to detect lies through mouse movement (distance and time to response) and patient answer adjustment in an online controlled study of 611 potential patients, randomly assigned to one of six treatments. Treatments differed in the notices patients received before health information was requested, including notices about privacy, benefits of truthful disclosure, and risks of inaccurate disclosure. Increased time or distance of device mouse movement and greater adjustment of answers indicate less truthfulness. Mouse tracking revealed a significant overall effect (p < 0.001) by treatment on the time to reach their final choice. The control took the least time indicating greater truthfulness and the privacy + risk group took the longest indicating the least truthfulness. Privacy, risk, and benefit disclosure statements led to greater lying. These differences were moderated by gender. Mouse tracking results largely confirmed the answer adjustment lie detection method with an overall treatment effect (p < .0001) and gender differences (p < .0001) on truthfulness. Privacy notices led to decreased patient honesty. Privacy notices should perhaps be administered well before personal health disclosure is requested to minimize patient untruthfulness. Mouse tracking and answer adjustment appear to be healthcare lie-detection methods to enhance optimal diagnosis and treatment.

The General Data Protection Regulation (GDPR) Software market is experiencing robust growth, driven by increasing regulatory scrutiny, rising cyber threats, and the escalating volume of personal data generated globally. The market, estimated at $8 billion in 2025, is projected to exhibit a Compound Annual Growth Rate (CAGR) of 15% from 2025 to 2033, reaching an impressive $25 billion by the end of the forecast period. This expansion is fueled by the imperative for organizations, both large enterprises and SMEs, to ensure compliance with GDPR and other evolving data privacy regulations. The market is segmented by deployment type (on-premises and cloud-based), with cloud-based solutions gaining significant traction due to their scalability, cost-effectiveness, and ease of implementation. Key players like SAP, Oracle, IBM, and specialized GDPR software providers are actively innovating to offer comprehensive solutions addressing data mapping, consent management, breach notification, and data subject access requests. The North American market currently holds a dominant share, but the European and Asia-Pacific regions are witnessing rapid growth, driven by increasing adoption of GDPR-compliant practices and rising digitalization. However, challenges remain, including the high cost of implementation, integration complexities, and the ongoing evolution of data privacy regulations, which necessitate continuous adaptation of software solutions. Furthermore, the shortage of skilled professionals capable of managing and interpreting complex data protection regulations poses a significant restraint to market growth. Nevertheless, the long-term outlook for the GDPR Software market remains positive, driven by sustained demand for robust data protection measures and the rising awareness of data privacy implications across diverse industries.

Accreditation Records—VA

Privacy notices used in recent City of York Council consultations.

For past consultation privacy notices please see the archived consultation privacy notices page.

For further consultations data please see the consultations group page in York Open Data.

For further information on consultations please visit City of York Council's website.

Data Breach Notification Software Market Outlook

The data breach notification software market size is projected to witness significant growth, with a 2023 valuation at approximately USD 1.2 billion and expected to reach USD 3.6 billion by 2032, growing at a compound annual growth rate (CAGR) of 12.9%. Several key growth factors are driving this market, including the increasing number of data breaches across various sectors, stringent data protection regulations, and the growing awareness among enterprises about the need for robust data breach notification systems. These factors collectively push organizations towards adopting advanced solutions that aid in early breach detection and notification to mitigate potential damages.

A primary growth catalyst for the data breach notification software market is the rising incidence of data breaches globally, which have become more sophisticated and damaging. With cybercriminals employing advanced techniques to infiltrate corporate networks, the need for efficient breach notification solutions has surged. Companies are recognizing the critical importance of not only protecting their data but also having a contingency plan in place to notify affected parties promptly in the event of a breach. This need is further amplified by the potential financial and reputational damages that can arise from delayed or inadequate breach notifications, which can result in significant regulatory penalties and a loss of consumer trust.

Another significant factor contributing to the market's expansion is the implementation of stringent data protection regulations worldwide. Laws such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CCPA) in the United States have established rigorous standards for data breach notifications. Organizations are now mandated to report data breaches within specific timeframes, necessitating reliable software solutions to ensure compliance. These regulations not only underscore the importance of timely notifications but also demand transparency and accountability from enterprises, thereby driving the adoption of data breach notification software.

Additionally, the growing awareness and understanding among businesses of the broader implications of data breaches are also fueling market growth. Organizations of all sizes are increasingly investing in data breach notification software to protect their assets and customer information. The software not only helps in fulfilling legal obligations but also plays a crucial role in maintaining customer trust by demonstrating a commitment to data privacy and security. As companies strive to enhance their cybersecurity infrastructures, data breach notification software becomes a vital component of their overall strategy.

Regionally, the North American market holds a substantial share, driven by early adoption of technology, presence of major industry players, and stringent data protection laws. Europe follows closely, with its strict regulatory environment and high level of digital integration across industries. The Asia Pacific region is anticipated to witness the fastest growth rate, attributed to the rapid digital transformation, increasing cyber threats, and progressive regulatory developments in countries like India, China, and Japan. The adoption of data breach notification software in the Latin American and Middle East & Africa regions is also on the rise, albeit at a slower pace, as awareness and regulatory frameworks continue to evolve.

Component Analysis

The data breach notification software market is segmented into software and services components, each playing a crucial role in ensuring comprehensive data protection strategies. The software component includes the actual platforms and applications that automate the process of detecting and notifying breaches. These solutions are equipped with features such as real-time monitoring, automated alerts, and detailed reporting capabilities. The increasing complexity and frequency of cyber threats have made it imperative for organizations to adopt robust software solutions that can swiftly identify data breaches and initiate timely notifications to comply with regulatory requirements.

Services, the other critical component, encompass a range of offerings such as consulting, implementation, training, and support services. These services are essential for organizations to effectively deploy and integrate breach notification software into their existing IT infrastructures. Consulting services help enterprises assess their current security postures and develop strategie