The organizers of Barcelona’s Mobile World Congress (MWC), the GSMA, have been fined €200,000 for failing to conduct a data protection impact assessment (DPIA) as required by the European Union’s General Data Protection Regulation (GDPR).
According to reports, the decision issued by the Spanish Data Protection Agency (AEPD) found that the GSMA did not adequately consider the collection of biometric data from MWC attendees, particularly in relation to the BREEZZ system, an automated identity verification system used for entry to the event.
