Rie Aleksandra - DPO Hub

National DPA news (2025)

members – 5 min read

Nov 3, 2025

EDPB meeting agendas and minutes

members – 8 min read

🤔 16 Oct: new agenda format! Hopefully just on the design side... | 7-8 Oct agenda: 🚨 Draft 'Consent or Pay' guidelines to be discussed | Enforcement strategies | EDPB stakeholder engagement | Selecting topics for CEF 2026 | BCR draft decisions: 🇫🇷 Tessi, 🇵🇱 Box

Oct 31, 2025

CJEU T-553/23 Latombe v Commission 3 Sep 2025

members – 4 min read

🔥 Latombe to appeal! | "The General Court dismisses the action for annulment" and the EU-US DPF remains valid.

Oct 31, 2025

AI (Act) resources

members – 21 min read

💣 noyb files *criminal* complaint against Clearview AI – potentially putting its executives at risk of jail time | EDPS with revised Guidance on Generative AI | Dutch DPA: Building AI literacy (in English) | Commission launches AI Act Service Desk

Oct 29, 2025

Privacy, data protection & security legal landscape

members – 7 min read

Commission preliminarily finds TikTok and Meta in breach of DSA transparency obligations | GDPR Procedural Regulation: EP voted in favor, next up: Council's 1st reading | 12 Sep: Data Act applies | 'Age Verification Blueprint' testing in 🇩🇰🇫🇷🇬🇷🇮🇹🇪🇸

Oct 29, 2025

GDPR 2.0?

members – 7 min read

Kuner criticises 2024 Draghi report | Commission outlines digital simplification plans at LIBE meeting | Commission proposes to simplify the European Single Market, including the GDPR Articles 4, 30, 40 and 42.

Oct 29, 2025

UK ICO fines Capita £14 million for breach after weak security and slow reaction

members – 8 min read

After first flagging a fine with a potential starting point of £97m, the 🇬🇧 DPA heavily reduced it after several mitigating factors we can all learn from. A decision packed with practical lessons for DPOs, data protection and security teams alike!

Oct 26, 2025

Data breaches

members – 2 min read

🇳🇴 DPA with significant breach page change | Upcoming topic page for breaches, prompted by EDPB's summary document. Links so far: Denmark, Finland, France, Greece, Ireland, Italy, Norway, Spain, Sweden, ICO, EDPB, EDPS, EC.

Oct 26, 2025

The Coordinated Supervision Committee (CSC)

members – 2 min read

EU Entry Exit System took effect on 12 Oct – EDPS press release 24 Oct | The CSC brings together DPAs and the EDPS to coordinate supervision of large-scale IT systems (e.g. IMI, Europol, SIS, Eurojust) and EU bodies under the EUDPR or relevant EU laws.

Oct 24, 2025

The DPO role: Key resources

members – 3 min read

🇧🇷 Interesting DPO survey highlighting familiar challenges | 🇪🇸 Andalusia DPA in June: DPOs in public sector can't also be infosec officer | 🇱🇹 2025 DPO guide | 🇳🇴 New DPO podcast series | Key DPO role resources: CJEU, EDPB, DPAs, EDPS, GDPR commentaries and more

Oct 23, 2025

Norway DPA fines Grindr NOK 65 million

members – 3 min read

The Borgarting Court of Appeal has upheld the record NOK 65m (~€5.6m) fine! It can still be appealed to the Supreme Court – we’ll know in about a month.

Oct 21, 2025

CJEU C-621/22 KNLTB (legitimate interests) 4 Oct 2024

members – 4 min read

[update] Article 6(1)(f) allows disclosure for a commercial interest if the processing is *strictly* necessary and not outweighed by the interests, rights or freedoms of the data subjects. The interest doesn't have to be determined by law, but it must be lawful. And CJEU nudges consent again.

Oct 21, 2025