Privacy, data protection & security legal landscape
members
–
7 min read
Council reaches CSAM position and adopts new GDPR procedural (enforcement) rules
GDPR 2.0 - Digital Omnibus
members
–
22 min read
🇩🇪 DSK: 10 GDPR changes to improve children's privacy | New 8-week consultation; feedback goes to Parliament and Council | The Digital Omnibus is the Commission's proposal to simplify AI, cybersecurity and (personal) data rules to "save businesses up to €5bn in administrative costs by 2029".
AI (Act) resources
members
–
22 min read
Digital Omnibus on AI Regulation Proposal published! | 🇬🇬 ODPA with practical 10-step AI guidance | EDPS EUDPR guide: AI Systems Risk Management
Norway DPA fines Grindr NOK 65 million for invalid consent
members
–
3 min read
🔥 25 Nov: Grindr won't appeal after the Borgarting Court of Appeal upheld the record NOK 65m (~€5.5m) fine against them for disclosing users' special category personal data to third parties for behavioural advertising without a valid consent.
The European Data Protection Supervisor – EDPS
members
–
2 min read
New TechSonar report out – trends 2025/2026: Agentic AI, AI companions, Automated proctoring, AI-driven personlised learning, Coding assistants, Confidential computing. Overview page for all things EDPS.
Welcome! Start here 👇
members
–
2 min read
Bumping this as reminder – to make the most out of your subscription, read through this post: How to use DPO Hub effectively and find your way around.
National DPA news (2025)
members
–
5 min read
🇬🇬 ODPA: practical 10-step AI guidance | 🇩🇪 Hessen DPA greenlights M365! | 🇭🇷 DPA fines telecoms operator €4.5m | 🇪🇸 Encryption guide for freelancers + YouTube series | 🇳🇴 Credit agencies audit | 🇫🇷 survey Monetizing personal data | 🇳🇱 DPAg tips after five major service provider cyber attacks
Your OSS for the EDPB
members
–
3 min read
❌ Stakeholder event on anonymisation & pseudonymisation came and went 17 Nov 🤨 | EDPB wants input on templates (DPIAs, breaches WIP) | Overview page for all things EDPB: Guidelines, Opinions, Recommendations, Members, Meetings, Strategy & Work Programs, CEF, SPE, OSS, Art. 65 Decisions, WP29, CSC
CJEU C-654/23 Inteligo Media 13 Nov 2025
members
–
7 min read
If a user creates a free account and gets access to articles, newsletters and the option to pay for further content, this falls under Art. 13(1) and (2) ePD as 'sale of a service' and 'direct marketing', and you don't need a legal basis under Art. 6 GDPR, in line with Art. 95 GDPR.
EDPB meeting minutes 7-8 Oct 2025
members
–
3 min read
Discussing SRB v EDPS, Helsinki Statement and Anonymisation guidelines: stakeholder event coming | Questions on Consent or Pay guidelines | 💡 DPAs focus & challenges | CEF topic 2026 | Joint DMA ↔ GDPR interplay guidelines | ❌ No joint DPIA/FRIA template | GPA resolutions | BCRs: 🇫🇷 Tessi, 🇵🇱 Box
EDPB meeting minutes 11 Sep 2025
members
–
2 min read
DSA ↔ GDPR interplay guidelines | 🇧🇷 Brazil & 🇬🇧 UK adequacy decisions | Helsinki Statement – practical implementation & Commission on simplifying breach reporting | EDPS C-413/23 update | BCRs: 🇮🇪 Shopify, 🇱🇺 Northern Trust, Ferrero Group, 🇳🇴 Mowi.
EDPB meeting agendas and minutes
members
–
8 min read
Sep & Oct minutes published | 4 Nov agenda: 🚨 Guidelines x 3: Political ads; Web scraping in GenAI context; AI Act ↔ EU data protection law interplay | Opinion on 🇧🇷 adequacy decision | New SPE project: Market study of data brokers