Rie Aleksandra - DPO Hub

Data breaches

members – 3 min read

Breach flowchart added | 🇳🇴 DPA with significant breach page change | Upcoming topic page for breaches, prompted by EDPB's summary document. Links so far: Denmark, Finland, France, Greece, Ireland, Italy, Norway, Spain, Sweden, ICO, EDPB, EDPS, EC.

Mar 1, 2026

GDPR 2.0 - Digital Omnibus

members – 24 min read

26 Feb: Simpler GDPR life for SMEs & SMCs moves forward! | 11 Feb: EDPB & EDPS Joint Opinion ready! | Digital Omnibus: COM's proposal to simplify AI, cybersecurity and (personal) data rules to "save businesses up to €5bn by 2029".

Feb 27, 2026

Events 2026

members – 6 min read

Recently added: 10 Mar webinar: 🇳🇴 DPA on new cookie rules | 11 Mar webinar: 🇩🇰 DPA on the Chromebook case

Feb 26, 2026

EDPB CEF 2025: Right to erasure (right to be forgotten)

members – 4 min read

💡 Should-read key takeaways for controllers from the final report. And do we need to sift through back-ups when we get an erasure request..?

Feb 22, 2026

EDPB Plenary meeting agendas and minutes

members – 11 min read

Minutes 15 Jan: EDPB & EDPS Digital Omnibus Joint Opinion | Latest agendas 20 Jan & 10-11 Feb: Joint AI Digital Omnibus Opinion | New Joint Opinion on the European Biotech Act proposal | CEF erasure report | Privacy risks for EU citizens travelling to third countries (🇺🇸?)

Feb 20, 2026

EDPB Strategy and Work Programmes

members – 4 min read

"Easing compliance is at the top of the EDPB agenda" – lets see how that plays out in practice.

Feb 19, 2026

EDPB Guidelines 1/2025 Pseudonymisation (public consultation)

members – 2 min read

New report from the Dec 2025 stakeholder event | EDPB hotly debated pseudonymisation guidelines – still in the works.

Feb 18, 2026

EDPB CEF: Coordinated Enforcement Framework

members – 2 min read

2025 report ready | 2026 topic: 📝 transparency & information | The EDPB created the CEF initiative under its 2021-2023 Strategy to enhance enforcement and strengthen cooperation among DPAs. Each year, they collectively choose a priority enforcement topic for coordinated (voluntary) action.

Feb 18, 2026

Denmark Google Workspace for Education Chromebook case (Helsingørgate)

members – 12 min read

[12 Feb: 🇩🇰 DPA webinar coming up!] [29 Jan: 🇩🇰 DPA applies dreaded EDPB Opinion and signal enforcement change. Must-read for 🇩🇰 folks but crucial to everyone using 🇺🇸 processors] Datatilsynet's landmark decision of 2022 to ban certain use of Google products and US transfers.

Feb 13, 2026

National DPA news

members – 6 min read

🇳🇴 Datatilsynet initiates comprehensive audit of every municipality's security measures.

Jan 28, 2026

Adequacy decisions

members – 4 min read

On 26 Jan, 🇪🇺🇧🇷 COM & Brazil adopted mutual adequacy decisions, allowing businesses, public authorities and researchers to freely exchange data.

Jan 27, 2026

noyb 🇦🇹 DPA Microsoft 365 Education complaints

members – 2 min read

[update – another win!] In 2024, noyb lodged two complaints against Microsoft's 365 Education platform on 1) lack of transparency and insufficient information, and 2) invasive and illegal cookie tracking of kids in schools. The Austrian DPA sided with noyb in both cases.

Jan 27, 2026