News & Analysis as of

General Data Protection Regulation (GDPR) Data Protection Data Protection Authority

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Alston & Bird

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

Alston & Bird on

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more

Sheppard Mullin Richter & Hampton LLP

Don’t Forget the EU: Italy Issued First GenAI Fine of €15 Million Alleging GDPR Violations 

At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on international data transfers

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Alston & Bird

EDPB Adopts Opinion on the Use of Processors and Sub-processors

Alston & Bird on

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised...more

Fisher Phillips

Netherlands Imposes Record-Breaking Data Privacy Fine on Uber: 4 Key Steps Companies Can Take to Ensure Compliance

Fisher Phillips on

Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more

Hogan Lovells

Dutch DPA’s fine decision suspended by Dutch court amidst “(commercial) legitimate interest-controversy”

Hogan Lovells on

Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more

Ius Laboris

Massive fine for Uber of EUR 290 million

Ius Laboris on

On 26 August the Dutch Data Protection Authority (DPA) fined Uber EUR 290 million for a breach of the General Data Protection Regulation (GDPR). Following a number of complaints from French Uber drivers, the DPA found that...more

DLA Piper

Ireland: Increased Regulatory Convergence of AI and Data Protection: X Suspends Training of AI Chatbot With EU User Data After...

DLA Piper on

The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more

A&O Shearman

European Commission publishes second report on application of GDPR

A&O Shearman on

On 25 July 2024, the EU Commission published its second report on the application of the GDPR (the ‘Second Report’), following its first report published in 2020....more

Alston & Bird

Dutch Data Protection Authority Warns that Using AI Chatbots Can Lead to Personal Data Breaches

Alston & Bird on

On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more

A&O Shearman

UK - When is a data protection claim not a data protection claim?

A&O Shearman on

In a recent case, Pacini & Anor v Dow Jones & Company Inc., the publisher of the Wall Street Journal unsuccessfully applied to strike out a data protection claim concerning two historic articles....more

A&O Shearman

Netherlands - The Dutch Data Protection Authority publishes guidance on facial recognition (May 2 2024)

A&O Shearman on

On May 2 2024, the Dutch data protection supervisory authority (the Dutch DPA) published guidance on the processing of personal data when using facial recognition....more

White & Case LLP

AI Watch: Global regulatory tracker - Italy

White & Case LLP on

Italy plays a prominent role in EU AI Act negotiations and engages in political discussions for future laws. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently, there are no specific laws,...more

Hogan Lovells

Dutch DPA issues guidelines on data scraping

Hogan Lovells on

On 1 May 2024, the Dutch Data Protection Authority (DPA) issued guidelines on data scraping used by private organisations in relation to GDPR principles including ‘lawfulness’. The guidelines could affect the way GenAI...more

Hogan Lovells

Bilan de l’activité contentieuse de la CNIL en 2023 : un rétroviseur pour lire l’avenir

Hogan Lovells on

Il n’y a pas de question plus difficile en matière contentieuse que celle de l’anticipation des risques de faire l’objet d’un contrôle ou d’une sanction. C’est la raison pour laquelle il est utile de se nourrir des évolutions...more

Mayer Brown

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

Robinson+Cole Data Privacy + Security Insider

Italian Data Protection Authority Alleges Breaches of GDPR by ChatGPT Platform

On January 29, 2024, the Italian Data Protection Authority (Garante) notified OpenAI of breaches of data protection laws involving its ChatGPT platform....more

BakerHostetler

DSIR Deeper Dive: Absent Legislation, Privacy Regulators Offer Guidance on AI

BakerHostetler on

By now, many of us are using AI, advising others about how to use AI, and waiting for some legislative miracle to give us some guardrails for what we can or cannot be doing with AI. A lot of effort has been put into tracking...more

A&O Shearman

France CNIL calls for comments on its draft recommendation on security of critical data processing operations

A&O Shearman on

The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more

White & Case LLP

Somewhere Between a Summary and a Data Dump – CJEU Finds Controllers Must Provide Data Subjects a “Faithful And Intelligible” Copy...

White & Case LLP on

The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more

White & Case LLP

European Advocate General rejects the need for “strict liability” in GDPR violations – The last word, however, is not yet spoken

White & Case LLP on

It is, by now, well known that not taking data protection seriously can prove costly for organizations. Since the introduction of the European General Data Protection Regulation (the "GDPR") in 2018, non-GDPR-compliant...more

Hogan Lovells

Public consultation on binding rules for phone marketing – Spanish update

Hogan Lovells on

The Spanish Data Protection Authority has opened a public consultation process to obtain comments for an incoming decision establishing the rules for commercial communications via telephone. This decision will be binding upon...more

Hogan Lovells

Comprendre et tirer les leçons de la riche activité de la CNIL de ces derniers mois

Hogan Lovells on

Les derniers mois ont vu une activité bouillonnante de la CNIL avec l’adoption de nombreuses délibérations. Nous avons analysé ces décisions pour comprendre les principales orientations prises par l’autorité française....more

Latham & Watkins LLP

European Data Protection Board Focuses Coordinated Enforcement on Data Protection Officers

Latham & Watkins LLP on

Organisations should expect increased scrutiny and enforcement activity around the role of data protection officers in the coming year. The European Data Protection Board (EDPB) has announced that its coordinated...more

250 Results
 / 
View per page
Page: of 10

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide