National DPA news

National DPA news

members 4 min read
Latest: 🇵🇱 Call to change medical documentation laws | 🇩🇪 Federal DPA update on Facebook page ban case + shares social media guidance | 🇸🇮 Slovenia DPA warns against CSAM | 🇩🇪 Hamburg DPA bridges the gap: GDPR ↔ AI Act
AI (Act) resources

AI (Act) resources

members 18 min read
Latest: MIT 1600+ AI Risk Repository | NIST Cyber AI Profile Workshop | 🇳🇱 AI Act Guide (in 🇬🇧) | 🇩🇪 DPAs protest proposal to move AI oversight | Commission seeks feedback on AI dynamics, fairness and contestability in DMA review
GDPR 2.0?

GDPR 2.0?

members 6 min read
16 Sep: Have your say on the upcoming Digital Omnibus (deadline 14 Oct.) | The Commission is proposing to simplify the European Single Market, including the GDPR Articles 4, 30, 40 and 42.
EDPB meeting agendas and minutes

EDPB meeting agendas and minutes

members 7 min read
11 Sep agenda: 🚨 DSA ↔ GDPR interplay guidelines published (consultation) | Practical implementation of the Helsinki Statement | Transfer SCCs from different jurisdictions | DMA review | EDPS concluding EC MS365 audit | Lots of BCRs
CJEU C-655/23 Quirin Privatbank 4 Sep 2025

CJEU C-655/23 Quirin Privatbank 4 Sep 2025

members 3 min read
GDPR offers no judicial remedy outside erasure requests to stop future unlawful processing, but Member States may. Non-material damage covers negative feelings – if proven. A controller’s fault doesn’t affect compensation, and a court order banning repeat GDPR violations can’t reduce or replace it.
Adequacy decisions

Adequacy decisions

members 3 min read
5 Sep: Commission with 🇧🇷 Brazil draft adequacy decision – Up next: EDPB Opinion, Member States reps approval and EP "right of scrutiny" | 22 July: Commission deems 🇬🇧 UK DUAA adequate.
CJEU C-383/23 ILVA (GDPR fine) 13 Feb 2025

CJEU C-383/23 ILVA (GDPR fine) 13 Feb 2025

members 4 min read
2 Sep: 💸 ILVA fined €201k | When fining a controller in a corporate group, DPAs must base the maximum fine on the *group’s* total worldwide turnover from the prior business year. A crucial ruling for anyone in a company group – here's also text you can copy for an email to your Management/Board.
Events 2025

Events 2025

members 5 min read
Next up: 16-19 Sep 🇰🇷 Seoul: Global Privacy Assembly | 18 Sep 🇳🇱 Utrecht: DPO Day organised by the DPA | 29-30 Sep 🇸🇪 Stockholm: Nordic Privacy Arena