Spain’s AEPD fines Yoti $1.1M for biometric data handling violations
GDPR and onboarding requirements collide. Yoti has been fined 950,000 euros (roughly US$1.1 million) by Spanish data protection regulator AEPD for the handling of biometrics and other data within its digital identity app. The regulator has ruled Yoti violated three clauses of the EU’s General Data Protection Rule (GDPR).
Opens in new window or tab
The problem
The ruling in part reflects a tension between how biometrics are often used in practice and the definition of biometrics as “special category data” under GDPR. If a person has downloaded the Yoti app and uploaded an ID document, a subsequent biometric match is still considered “uniquely identifying.”
The solution
Turning headlines into head starts. Explore DataPal Use Cases that solve today’s data challenges and transform individual privacy into a risk-free competitive advantage.
If you would like to find out more, arrange a Proof of Concept (PoC) or discovery session for your business then please contact us.
