Rie Aleksandra - DPO Hub

Your OSS for the EDPB

members – 3 min read

⏰ New consultation – requiring users to create accounts to shop online | EDPB wants input on templates (DPIAs, breaches WIP) | Overview page for all things EDPB: Guidelines, Opinions, Recommendations, Members, Meetings, Strategy & Work Programs, CEF, SPE, OSS, Art. 65 Decisions, WP29, CSC

Dec 4, 2025

DPO Hub closes 31 March 2026

members – 2 min read

But continues as normal with updates (email and portal) on Digital Omnibus, DPF and other highlight news until 31 March. If you’ve already paid for longer, you'll get a refund for the remaining time. Thank you for being part of this journey! [updated with Q&A]

Dec 3, 2025

CJEU C-492/23 Russmedia Digital and Inform Media Press 2 Dec 2025

members – 2 min read

🧨 CJEU rules the opposite of AG Szpunar, who said marketplace operators are *processors* for ads data – CJEU says they're *controllers* instead. This has major implications for marketplaces. (And what about DSA?) Also check out CJEU's recorded debrief with President Lenaerts.

Dec 3, 2025

EDPB Guidelines 1/2025 Pseudonymisation (public consultation)

members – 2 min read

New discussion paper available: Stakeholder event on anonymisation and pseudonymisation in light of the EDPS v SRB judgment | ❌ Stakeholder event came and went 17 Nov 🤨 | EDPB hotly debated pseudonymisation guidelines – to be finalised after the public consultation closed in Feb 2025.

Dec 2, 2025

EDPB meeting agendas and minutes

members – 9 min read

2-3 Dec agenda 🚨 x 3: Digital Omnibus | Joint guidelines AI Act ↔ EU data protection law interplay | Recommendations on legal basis for requiring users to create accounts on e-commerce websites | DMA High Level Group: Common paper on AI

Dec 1, 2025

Privacy, data protection & security legal landscape

members – 7 min read

Council reaches CSAM position and adopts new GDPR procedural (enforcement) rules

Nov 26, 2025

GDPR 2.0 - Digital Omnibus

members – 23 min read

🇸🇪 IMY comment | 🇩🇪 DSK: 10 GDPR changes for children | New 8-week consultation; feedback goes to Parliament and Council | The Digital Omnibus is the Commission's proposal to simplify AI, cybersecurity and (personal) data rules to "save businesses up to €5bn in administrative costs by 2029".

Nov 26, 2025

AI (Act) resources

members – 23 min read

🇪🇸 shares internal AI policy | Digital Omnibus on AI Regulation Proposal published! | 🇬🇬 ODPA with practical 10-step AI guidance | EDPS EUDPR guide: AI Systems Risk Management

Nov 26, 2025

Norway DPA fines Grindr NOK 65 million for invalid consent

members – 3 min read

🔥 25 Nov: Grindr won't appeal after the Borgarting Court of Appeal upheld the record NOK 65m (~€5.5m) fine against them for disclosing users' special category personal data to third parties for behavioural advertising without a valid consent.

Nov 25, 2025

The European Data Protection Supervisor – EDPS

members – 2 min read

New TechSonar report out – trends 2025/2026: Agentic AI, AI companions, Automated proctoring, AI-driven personlised learning, Coding assistants, Confidential computing. Overview page for all things EDPS.

Nov 25, 2025

Welcome! Start here 👇

members – 2 min read

Bumping this as reminder – to make the most out of your subscription, read through this post: How to use DPO Hub effectively and find your way around.

Nov 23, 2025

National DPA news (2025)

members – 5 min read

Nov 19, 2025