AI (Act) resources
members
–
24 min read
7 May agreement! | Check out the NIST AI Risk Management Framework (linked under 'Various updates/resources')
Denmark Google Workspace for Education Chromebook case (Helsingørgate)
members
–
12 min read
🇩🇰 DPA concludes the case, applies the dreaded EDPB Opinion and signal enforcement change – and shares takeaways in webinar. Must-read if you're in Denmark but crucial to everyone using third-country processors, especially US ones.
Sweden DPA IMY: DPIA practical guidance
members
–
1 min read
IMY has shared a DPIA guide, primarily for those with little or no experience. It sets out a clear 10-step process for conducting an "acceptable" DPIA, to be used alone or with their templates. Grab the documents here (Swedish and DeepL translation).
CJEU C-61/22 Landeshauptstadt Wiesbaden 21 Mar 2024
members
–
1 min read
A ruling on Regulation 2019/1157 on ID card security, where the CJEU clarified that its adoption couldn’t violate Article 35 of the GDPR, as it wasn’t subject to a DPIA requirement. (They also concluded that the regulation was invalid!)
Dutch DPA on education sector social media marketing
members
–
4 min read
The DPA stresses that their advice applies generally to all social media and "of great importance" to all educational institutions and similar organisations in 🇳🇱.
Denmark DPA orders municipalities to ensure Google-sharing compliance
members
–
1 min read
🔥 Danish DPA with new decision in their Helsingørgate/Chromebook case!