Rie Aleksandra - DPO Hub (Page 2)

Norway DPA shares education sector audit findings

members – 2 min read

Datatilsynet completed their large-scale audit examining how 50 municipalities safeguard privacy and data protection when using digital learning tools for educational purposes. Read their request for information letter here + watch the recording of their final report presentation.

May 15, 2025

CJEU C-698/23 P EDPS v Parliament and Council 8 May 2025 AG Opinion

members – 1 min read

An Advocate General Opinion on a case about Europol and regulators – safe to skip for most!

May 11, 2025

The DPO role: Article 37(1)(b)

members – 5 min read

Breaking down Article 37(1)(b) key terms: 'core activities', 'regular', 'systematic', 'monitoring' and 'large scale'. And what should you do if you're still unsure whether you need to appoint a DPO? Appoint one voluntarily?

May 10, 2025

EDPB meeting minutes 8 Apr 2025

members – 1 min read

🇪🇺 Commission gave an update on the EU-US DPF: EO 14086 is still "fully in place" and they'll only continue to "monitor the situation" for now | Little else particularly newsworthy so feel free to skip this read if you already read the agenda

May 9, 2025

🚨 EDPB & EDPS joint letter to the Commission on proposal to simplify ROPA requirements

members –

EDPB & EDPS jointly – positively – responded to the European Commission’s letter proposing to simplify the Article 30 ROPA requirement for SMCs and non-profits with fewer than 500 employees and a “certain annual turnover”, deleting certain references and adding in 'high' risk.

May 8, 2025

CJEU C-313/23 Inspektorat kam Visshia sadeben savet 30 Apr 2025

members – 3 min read

That a court authorises personal data disclosure to another judicial body qualifies as processing under the GDPR – but it doesn’t make the court a controller or a DPA, and it’s not required to ensure compliance unless an Article 79(1) action is brought before it.

May 6, 2025

Adequacy decisions

members – 2 min read

EDPB agrees with the Commission's proposal to extend the UK's GDPR and LED adequacy decisions until 27 Dec | EU and Japan open adequacy extension talks | EDPS blocked transfers to Brazil, Turkey, India and Fiji in Feb 2024

May 6, 2025

EDPB annual report 2024

members – 3 min read

EDPB Chair Anu Talus is proud of their 2024 achievements, including the "significantly increased number of consistency opinions adopted under Art. 64(2)". They've also launched a new strategy 2024-2027. But should you read either? (Added link to EDPS' annual report too.)

Apr 23, 2025

EDPB meeting minutes 13 Mar 2025

members – 2 min read

Upcoming guidelines: political advertising Regulation | 🇺🇸 MoU on "Defending American Companies ... Overseas Extortion and Unfair Fines" (confidential discussion) | SoMe platforms disinformation & halted fact-checking | CJEU Russmedia + Dun & Bradstreet | Generative AI Enforcement taskforce

Apr 23, 2025

EDPB Guidelines 2/2025 Blockchain (public consultation)

members – 1 min read

New EDPB Guidelines are now open for public consultation (until 9 June) on processing of personal data through blockchain technologies.

Apr 14, 2025

EDPB Support Pool of Experts (SPE) projects

members – 4 min read

An overview of SPE projects. Latest: AI Privacy Risks and Mitigations LLMs (Apr) | AI: Complex Algorithms and effective Data Protection Supervision + OSS Case Digest: Right of access (Jan)

Apr 14, 2025

EDPB meeting minutes 11 Feb 2025

members – 2 min read

Skip reading this if you already read the 12 Feb press release. Commission’s watching EU-US DPF “with interest” (but no more info). ChatGPT taskforce now “Generative AI Enforcement”, will cover DeepSeek. Second LED report due May 2026. Three new CSC databases.

Apr 11, 2025