Rie Aleksandra - DPO Hub

EDPB meeting minutes 8 Apr 2025

members – 1 min read

🇪🇺 Commission gave an update on the EU-US DPF: EO 14086 is still "fully in place" and they'll only continue to "monitor the situation" for now | Little else particularly newsworthy so feel free to skip this read if you already read the agenda

May 9, 2025

🚨 EDPB & EDPS joint letter to the Commission on proposal to simplify ROPA requirements

members –

EDPB & EDPS jointly – positively – responded to the European Commission’s letter proposing to simplify the Article 30 ROPA requirement for SMCs and non-profits with fewer than 500 employees and a “certain annual turnover”, deleting certain references and adding in 'high' risk.

May 8, 2025

The DPO role: Key resources

members – 2 min read

Key resources on the DPO role, including from the CJEU, EDPB, DPAs, EDPS, GDPR commentaries and more. Explore and let Rie know what’s missing!

May 8, 2025

The DPO role: Article 37(1)(b)

members – 5 min read

Breaking down Article 37(1)(b) key terms: 'core activities', 'regular', 'systematic', 'monitoring' and 'large scale'. And what should you do if you're still unsure whether you need to appoint a DPO? Appoint one voluntarily?

May 8, 2025

National DPA news

members – 2 min read

May 8, 2025

EDPB meeting agendas and minutes

members – 5 min read

Updated 6 May with adequacy Opinions. 2 May agenda: Opinion on renewed UK adequacy decisions (GDPR and LED – it's a 🟢) + European Patent Organisation draft adequacy decision. 🇧🇦 Bosnia and Herzegovina DPA asks to become EDPB observer. 11 Feb minutes ready but not much new (= can be skipped).

May 6, 2025

CJEU C-313/23 Inspektorat kam Visshia sadeben savet 30 Apr 2025

members – 3 min read

That a court authorises personal data disclosure to another judicial body qualifies as processing under the GDPR – but it doesn’t make the court a controller or a DPA, and it’s not required to ensure compliance unless an Article 79(1) action is brought before it.

May 6, 2025

Events 2025

members – 4 min read

New: 🇪🇸 AEPD offers course "Innovation and privacy in AI and data spaces" | 🇫🇷 (on-site and online) CNIL & French Treasury organises 'academic event' 20 May: GDPR: what economic impact? | 🇫🇷 European Health Data Protection Congress 15-17 Oct | ICO Anonymisation & Pseudonymisation webinar 22 May

May 5, 2025

🇮🇪 DPC fines TikTok €530m for China transfers

members – 2 min read

The Irish DPA also orders TikTok to bring their processing into compliance within six months. If they don't, they must stop the transfers. TikTok also breached transparency by failing to disclose the third countries involved and didn't explain the nature of the transfers in its privacy policy.

May 2, 2025

Privacy, data protection & security legal landscape

members – 6 min read

Latest: ⏰ Political advertising Reg. open for feedback till 28 May | 🔥 Commission DMA-fines Apple and Meta | The Council adopts the European Health Data Space (EHDS) | EC shares Data Act public consultation summary report, FAQ and DGA practical guide

May 2, 2025

EDPB annual report 2024

members – 3 min read

EDPB Chair Anu Talus is proud of their 2024 achievements, including the "significantly increased number of consistency opinions adopted under Art. 64(2)". They've also launched a new strategy 2024-2027. But should you read either? (Added link to EDPS' annual report too.)

Apr 23, 2025

EDPB meeting minutes 13 Mar 2025

members – 2 min read

Upcoming guidelines: political advertising Regulation | 🇺🇸 MoU on "Defending American Companies ... Overseas Extortion and Unfair Fines" (confidential discussion) | SoMe platforms disinformation & halted fact-checking | CJEU Russmedia + Dun & Bradstreet | Generative AI Enforcement taskforce

Apr 23, 2025