resource - DPO Hub

AI (Act) resources

members – 8 min read

🇪🇺 2nd draft ready! General-Purpose AI Code of Practice. 🇬🇧 ICO shares a summary report after completing their five-part generative AI consultation series. 🇪🇸 DPA article on AI training with machine learning and neural networks. Future of Privacy Forum infographic.

Dec 19, 2024

🇪🇺 Privacy, data protection & security legal landscape

members – 5 min read

'Big 5' (DSA, DMA, DGA, DA, AIA) doesn't cut it anymore. Post revamp to capture key developments like Cyber Resilience Act adopted. Latest: VLOPs & VLOSEs to share 1st DSA risk assessment + audit reports. EC shares DA public consultation summary report. EC shares Data Act FAQ + DGA practical guide.

Nov 29, 2024

Rights: Access (DSAR)

members – 3 min read

Added: From 🇩🇪 Berlin DPA's 2023 annual report: DSARs should include "TIA summary or result". Also see 🇩🇰 DPA: no fees allowed, and 🇫🇮 DPA: using a proxy is fine. Got a DSAR? Start here for all things right of access: Article 15 elements table, access request flowchart and key CJEU rulings!

Nov 9, 2024

Your OSS for the EU-US DPF

public – 4 min read

5 Nov: EDPB adopts first review report 9 Oct: EC publishes first review report, concluding the DPF 'functions effectively'. New review in 3 years. Older: Interesting read by C. Kuner on 'Strengthening the EU Legal Edifice for Data Transfers'.

Nov 6, 2024

DPA priorities and annual reports

members – 1 min read

6 Sep: Added 🇱🇹, 🇱🇻, 🇪🇪 & 🇩🇰 links (thanks for sending!). Spot your country? Please send me 🔗! An overview of DPAs' 2023 annual reports, 2024 priorities (audit focus areas or strategies) and strategies.

Sep 6, 2024

Rights: Access (DSAR) - examples

members – 40 min read

Right of access examples from the EDPB and ICO.

Jul 17, 2024

EDPB Support Pool of Experts (SPE) projects

members – 3 min read

An overview of SPE project so far. Which ones (if any) should you spend time on? (Maybe the OSS case digests.)

Jul 7, 2024

🔥 Dutch DPA: Web scraping almost always illegal AND:

members – 2 min read

The 🇳🇱 DPA issued new guidelines for the private sector (public sector one coming) on web scraping, stating it's "almost always illegal", and reiterates their highly controversial claim that ❌ You can't rely on legitimate interest for purely commercial reasons... 🤨

May 10, 2024

Denmark DPA changes data processing agreement SCCs

members – 1 min read

🇩🇰 DPA changes sub-processor third-party beneficiary clause in their SCCs for data processing agreements as per Article 28(8). Agreements signed before this are still valid.

Apr 22, 2024