Rie Aleksandra - DPO Hub

Best of 2025 and what's coming in 2026

members – 3 min read

Enjoy the quiet period ahead to catch up on must-reads from 2025 and prepare for 2026. Check out who won the 🏆 DPO Hub Community Member of the Year Award and don't miss your special Founding rate if you decide to keep your DPO Hub access from 1 April. 💰

Jan 8, 2026

DPO Hub 2.0 from 1 April

members – 3 min read

DPO Hub runs as normal until 31 March and then your subscription ends automatically. If you pre-paid for longer, you'll be refunded pro rata. DPO Hub switches to Library mode on 1 April. Founding rate available for existing members – contact me for access. 💰

Jan 7, 2026

New SCCs on public consultation (delayed again)

members – 1 min read

Latest: The consultations for new SCCs (third-country importers directly subject to the GDPR) announced in Sep 2024, are now delayed to Q1 2026. 🧐

Jan 7, 2026

EDPB meeting agendas and minutes

members – 9 min read

📆 2026 meeting list added with ICS file for you! | 2-3 Dec agenda 🚨 x 3: Digital Omnibus | Joint guidelines AI Act ↔ EU data protection law interplay | Recommendations on legal basis for requiring users to create accounts on e-commerce websites | DMA High Level Group: Common paper on AI

Dec 31, 2025

Events 2026

members – 6 min read

What's cooking in 2026? Several events added for the national DPO associations.

Dec 20, 2025

CJEU C-422/24 Storstockholms Lokaltrafik 18 Dec 2025

members – 3 min read

If public transport ticket inspectors process personal data using body cams, they must inform data subjects under Article 13 – not Article 14 – because the data's collected directly from the data subject.

Dec 18, 2025

Privacy, data protection & security legal landscape

members – 8 min read

COM shares CRA FAQ 3 Dec | ✅ Procedural rules on GDPR enforcement Regulation effective 12 Dec | COM fines X €120m under DSA | Political ads Regulation Article 13(6) public consultation planned Q2 2026 | CSAM Regulation: Council agrees position – next is negotiations with Parliament.

Dec 12, 2025

EDPB meeting minutes 16 Oct and 4 Nov 2025

members – 2 min read

2 x meeting minutes today! 🚨 Guidelines: Joint AI Act ↔ EU data protection law interplay; Political advertisements; Web scraping in the context of generative AI | 🚨 Irish, French & Dutch DPAs investigate data brokers | 🇧🇷 & 🇬🇧 adequacy decisions

Dec 12, 2025

GDPR 2.0 - Digital Omnibus

members – 23 min read

POLITICO 62-page analysis | 💚 Grumpy GDPR podcast episode w/Max Schrems: Under the Bus | New consultation; feedback goes to Parliament and Council | Digital Omnibus: COM's proposal to simplify AI, cybersecurity and (personal) data rules to "save businesses up to €5bn by 2029".

Dec 12, 2025

CJEU C-492/23 Russmedia Digital and Inform Media Press 2 Dec 2025

members – 5 min read

🧨 CJEU rules contrary to the AG: marketplace operators are *controllers* for ads data instead. This has major implications for marketplaces. (And what about DSA?) Also check out CJEU's recorded debrief with President Lenaerts.

Dec 10, 2025

'Pay or OK' – 'Consent or Pay' resources

members – 5 min read

Meta to launch new model in Jan | ICO shares guidance for the public

Dec 8, 2025

Norway DPA orders Helseplattformen to rectify shortcomings

members – 3 min read

🇳🇴 Datatilsynet notifies Helseplattformen of their intent to order fixes to serious organisational and (less serious) technical deficiencies – response is due by 6 Jan 2026, with the final decision after. Key ISMS takeaways on this one + download a collated PDF.

Dec 7, 2025