Rie Aleksandra - DPO Hub

Privacy, data protection & security legal landscape

members – 7 min read

"But wait, there's more..." Is the EU really living up to its simplification promises? Added the Commission's work program for 2026, and links to 'Cloud and AI development Act' + 'Quantum Act'.

Mar 30, 2026

EDPB Support Pool of Experts (SPE) projects

members – 6 min read

Latest: Legitimate interest OSS case digest.

Mar 30, 2026

Welcome! Start here 👇

members – 2 min read

NEW: Private podcast feed test

Mar 29, 2026

Check out the NIST AI Risk Management Framework (linked under 'Various updates/resources') | 🔥 Council agrees Omnibus VII position to streamline certain AI rules. Next up: negotiations with the European Parliament.

Mar 28, 2026

Events 2026

members – 6 min read

Next up: 22-23 Apr 🇳🇴 Oslo: Normkonferansen "den viktigste møteplassen for deg som er interessert i informasjonssikkerhet og personvern i helse- og omsorgssektoren" (Rie's speaking: Skråblikk fra en fersk helse-PVO) | 20-24 Apr 🇮🇹 Venice: Privacy Symposium

Mar 25, 2026

EDPB Plenary meeting agendas and minutes

members – 12 min read

Minutes: 3x EDPB/EDPS Joint Opinions: (AI) Digital Omnibus; Biotech Act | CEF Right to erasure report | Anonymisation/pseudonymisation event report | DPAs peppered with AI-generated complaints and scrutinising 🇺🇸 travels | Agendas: 🚨 DPIA template | 📝 3x interplay Guidelines, 1 Opinion

Mar 24, 2026

CJEU C-526/24 Brillen Rottler 19 Mar 2026

members –

If a DSAR is made solely to engineer a compensation claim rather than to verify lawful processing, it can be refused as abusive – even if it's the first request.

Mar 19, 2026

Luxembourg DPA fines Amazon Europe €746m

members – 2 min read

13 March 2026: Amazon with big win – a Luxembourg appeals court has overturned the €746 million fine and referred the case back to the DPA.

Mar 19, 2026

Lawfulness: Legitimate interests

members – 3 min read

17 Mar 2026: 🇳🇴 Datatilsynet with updated legitimate interest guidance. Could this mean the final EDPB Guidelines 1/2024 is just around the corner?

Mar 18, 2026

Personal data breaches – in practice

members – 2 min read

A breach happens. What now? When are you "aware", how do you assess the risk – and who do you need to notify? 📝 Homework: download the revised breach flowchart, tailor it to your organisation and ensure you have a step-by-step process in place.

Mar 8, 2026

EDPB Strategy and Work Programmes

members – 4 min read

💡 EDPB only to do a "targeted update" to DPO Guidelines | "Easing compliance is at the top of the EDPB agenda" – lets see how that plays out in practice.

Mar 7, 2026

Data breaches

members – 3 min read

🇳🇴 DPA with significant breach page change | Upcoming topic page for breaches, prompted by EDPB's summary document. Links so far: Denmark, Finland, France, Greece, Ireland, Italy, Norway, Spain, Sweden, ICO, EDPB, EDPS, EC.

Mar 1, 2026