Rie Aleksandra - DPO Hub

CJEU C-634/21 SCHUFA Holding (scoring)

members – 4 min read

Credit scoring = Art. 22(1) 'automated individual decision-making' when a third party heavily relies on a probability value to form or end a contract with a data subject. 🚨 A ruling of "ground-breaking importance for AI-based decisions" according to the Hamburg DPA!

Oct 20, 2024

DPO Hub Pulse Check 📊

members –

Spend 37 seconds (yes I timed it!) to share your *brutally honest* feedback on two short and simple questions that'll help me in the work to improve the DPO Hub for you.

Oct 17, 2024

EDPB Guidelines 2/2023 Technical Scope of Art. 5(3) ePrivacy Directive

members – 1 min read

Likely one of the EDPB’s most controversial documents to date, though the sub-processor Opinion will definitely give it strong competition for first place!

Oct 16, 2024

EDPB meeting minutes 17 Sep 2024

members – 1 min read

New 💸 fines guidelines coming at the end of 2025. Plus, an exciting Support Pool of Experts legal report on 'the extra-territorial enforcement of the GDPR' is coming soon.

Oct 15, 2024

Events 2024

members – 2 min read

New: 🇳🇴 DPA seminar Copilot sandbox report 27 Nov. Next up: 🇫🇷 LINC (CNIL's Digital Innovation Lab) seminar web tracking research 24 Oct 🇬🇧 Privacy Space 7 Nov 🇵🇹 Lisbon Web Summit 11-14 Nov

Oct 15, 2024

[signup form added] First come-first serve to EDPB's AI models stakeholder event 5 Nov

members – 1 min read

Limited spots available (they also reserve the right to cherry-pick participants).

Oct 15, 2024

EDPB CEF: Coordinated Enforcement Framework

members – 1 min read

The EDPB created the Coordinated Enforcement Framework (CEF) under its 2021-2023 Strategy to enhance enforcement and strengthen cooperation among DPAs. Each year, DPAs collectively choose a priority enforcement topic for coordinated action. 2025 topic: ❌ right to erasure.

Oct 14, 2024

Welcome! Start here 👇

members – 3 min read

Find your way around the DPO Hub: Manage your subscription, choose your favorite view (grid or list) and theme (from four different ones!) and bookmark posts. 🔎 Didn't find something? There's a form for that too!

Oct 13, 2024

EDPB Strategy 2024-2027 and Work Programmes

members – 3 min read

New comparison table for their three Work Programmes. Check out which documents have just disappeared! 🧐

Oct 11, 2024

EDPB CEF 2025 topic: right to erasure (right to be forgotten)

members – 1 min read

🧐 A key aim is to assess how you've implemented the right in practice. The EDPB also mentions that the 2024 CEF action on the right to access report will be adopted in early 2025.

Oct 10, 2024

Your OSS for the EU-US DPF

public – 4 min read

🇪🇺 EC publishes first review report, concluding the DPF 'functions effectively'. New review in 3 years. Older: Interesting read by C. Kuner on 'Strengthening the EU Legal Edifice for Data Transfers'. And the 🇨🇭Federal Council approved the Swiss-US DPF for transfers to certified US companies.

Oct 10, 2024

🚨 EDPB: (sub-)processor Opinion, legitimate interest Guidelines, draft enforcement regulation Statement, 2024-2025 work programme

members – 1 min read

Controllers should keep identity of *all* processors and sub-processors "readily available at all times" and their obligation to verify (sub-)processors' ‘sufficient guarantees’ should apply regardless of the risk. The EDPB also shares legitimate interest Guidelines for public consultation and more.

Oct 9, 2024