Norway DPA fines Parliament: lacks 2FA and incomplete risk assessment
Jan 25, 2022
—
1 min read
You might also like
CJEU C-698/23 P EDPS v Parliament and Council 8 May 2025 AG Opinion
members
–
1 min read
An Advocate General Opinion on a case about Europol and regulators – safe to skip for most!
CJEU C-313/23 Inspektorat kam Visshia sadeben savet 30 Apr 2025
members
–
3 min read
That a court authorises personal data disclosure to another judicial body qualifies as processing under the GDPR – but it doesn’t make the court a controller or a DPA, and it’s not required to ensure compliance unless an Article 79(1) action is brought before it.
CJEU C-710/23 Ministerstvo zdravotnictvi 3 Apr 2025
members
–
3 min read
GDPR still applies when acting on behalf of a legal person. Plus, major implications for 🇨🇿 Czech – and potentially other – public bodies handling FOI requests: you may need to consult data subjects before disclosure, and even if that's impossible, you must still balance FOI with data protection.