AI (Act) resources
members
–
22 min read
⏰ AI Act high-risk regime delayed 12-15 months? | EDPS EUDPR guide: AI Systems Risk Management
Privacy, data protection & security legal landscape
members
–
7 min read
✅ Council adopts new Regulation to speed-up handling of cross-border data protection complaints | Commission preliminarily finds TikTok and Meta in breach of DSA transparency obligations
National DPA news (2025)
members
–
5 min read
🇫🇷 survey: Monetization of personal data | Learnings for all: 🇳🇱 DPAg recommendations after five major service provider cyber attacks | 🇪🇸 AEPD launches 'Privacy Dialogues' on YouTube | 🇬🇧 ICO announces new public sector approach | 🇳🇱 25% face DPA cookie banner actions
Data breaches
members
–
2 min read
🇳🇴 DPA with significant breach page change | Upcoming topic page for breaches, prompted by EDPB's summary document. Links so far: Denmark, Finland, France, Greece, Ireland, Italy, Norway, Spain, Sweden, ICO, EDPB, EDPS, EC.
The DPO role: Key resources
members
–
3 min read
🇧🇷 Interesting DPO survey highlighting familiar challenges | 🇪🇸 Andalusia DPA in June: DPOs in public sector can't also be infosec officer | 🇱🇹 2025 DPO guide | 🇳🇴 New DPO podcast series | Key DPO role resources: CJEU, EDPB, DPAs, EDPS, GDPR commentaries and more
EDPB Support Pool of Experts (SPE) projects
members
–
6 min read
Latest: The Digital Euro and its token-based offline modality (Oct) | AI and Data Protection Training curriculum (Jun) | An overview of SPE projects.
DPIAs: Key resources
members
–
5 min read
Data Protection Impact Assessments (DPIAs) key resources v1 – starting with every DPA's website!
The DPO role: Article 37(1)(b)
members
–
5 min read
10 Oct: Estonia's thresholds for 'large-scale' (5k, 10k, 50k) | Breaking down Article 37(1)(b) key terms: 'core activities', 'regular', 'systematic', 'monitoring' and 'large scale'. And what should you do if you're still unsure whether you need to appoint a DPO? Appoint one voluntarily?
Your OSS for the EU-US DPF
public
–
7 min read
EDPS opines on EU-US data exchanges for security screenings and identity verifications | The General Court dismissed Latombe's action for annulment – and the EU-US DPF is safe for now.
CNIL shares transfer impact assessment (TIA) practical template
members
–
2 min read
NB: On 9 July, CNIL appears to have updated the webpage with that date, though there don’t seem to be any actual changes – and the PDFs are still from January. Either way, here’s a quick reminder! 💬 "CNIL TIA template is one of the best templates available to the public!"
Lawfulness: Consent
members
–
6 min read
Latest update: Luxembourg DPA with updated guidance. Start here for all things consent: when to rely on and not, practical tips and key resources (GDPR, DPD, CFR, OECD, CJEU rulings and EDPB guidance).
Lawfulness: Legitimate interests
members
–
2 min read
v1 of the legitimate interest topic page is ready, with key resources, CJEU rulings and DPA guidance - though only from ICO, CNIL, Datatilsynet and IMY. Have anything to share from your country? Submit your contribution and earn a gold star!