DPA priorities and annual reports
members
–
1 min read
Latest: 🇸🇪IMY annual report. 🇩🇰 Datatilsynet focus areas.
AI (Act) resources
members
–
11 min read
🇬🇧 Gov. AI Playbook + ICO debunks myths 🇫🇷 CNIL: Responsible innovation recommendations. Commission: AI systems definitions + illegal practices guidances 🇦🇹 DPA: AI ↔ data protection FAQ 🇸🇪 IMY: Gen. AI ↔ GDPR. Great tool from D. Rosenthal: Office AI add-in (Windows).
Dealing with access requests in practice
members
–
3 min read
Recommendations on how to deal with the Right of access - DSARs - in practice (with grumpy DSARs checklist).
Sweden DPA: DPIA practical guidance
members
–
1 min read
IMY has shared a DPIA guide, primarily for those with little or no experience. It sets out a clear 10-step process for conducting an "acceptable" DPIA, to be used alone or with their templates. Grab the documents here (Swedish and DeepL translation).
Your OSS for the EU-US DPF
public
–
6 min read
2025: New worries - stay tuned. 2024: EDPB adopts first review report. EC publishes first review report, concluding the DPF 'functions effectively'. New review in 3 years. Earlier: Interesting read by C. Kuner on 'Strengthening the EU Legal Edifice for Data Transfers'.
DPO Hub 2024 CJEU GDPR-related rulings
members
–
1 min read
A list of all GDPR-related (plus one) CJEU rulings from 2024 with titles, dates, DPO Hub snippets, tags and CJEU keywords (with key Articles etc.).
CNIL shares transfer impact assessment (TIA) practical template
members
–
1 min read
💬 "CNIL TIA template is one of the best templates available to the public!"
EDPB Support Pool of Experts (SPE) projects
members
–
4 min read
New additions: 'AI: Complex Algorithms and effective Data Protection Supervision' 23 Jan + 'OSS Case Digest: Right of access' 17 Jan. Post: An overview of SPE project so far. Which ones (if any) should you spend time on? Maybe the OSS case digests.
🇪🇺 Privacy, data protection & security legal landscape
members
–
5 min read
Latest: The Council adopts the European Health Data Space (EHDS). EC shares Data Act public consultation summary report, FAQ and DGA practical guide.
Rights: Access (DSAR, Right of access)
members
–
3 min read
Added: From 🇩🇪 Berlin DPA's 2023 annual report: DSARs should include "TIA summary or result". Also see 🇩🇰 DPA: no fees allowed, and 🇫🇮 DPA: using a proxy is fine. Got a DSAR? Start here for all things right of access: Article 15 elements table, access request flowchart and key CJEU rulings!
Rights: Access (DSAR) - examples
members
–
40 min read
Right of access examples from the EDPB and ICO.
🔥 Dutch DPA: Web scraping almost always illegal AND:
members
–
2 min read
The 🇳🇱 DPA issued new guidelines for the private sector (public sector one coming) on web scraping, stating it's "almost always illegal", and reiterates their highly controversial claim that ❌ You can't rely on legitimate interest for purely commercial reasons... 🤨