News & Analysis as of

General Data Protection Regulation (GDPR) Personal Data Data Protection Authority

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Alston & Bird

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

Alston & Bird on

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more

Sheppard Mullin Richter & Hampton LLP

Don’t Forget the EU: Italy Issued First GenAI Fine of €15 Million Alleging GDPR Violations 

Sheppard Mullin Richter & Hampton LLP on

At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more

Goodwin

Irish Data Protection Commission fines LinkedIn Ireland EUR 310 million for GDPR violations

Goodwin on

On October 24, 2024, the Irish Data Protection Commission (DPC) issued a press release announcing its EUR 310 million fine of LinkedIn over the platform’s use of member personal data in breach of the EU’s General Data...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on international data transfers

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Pillsbury - Consumer Protection Dispatch on

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

Goodwin

Navigating New CNIL Sanctions: What You Need to Know

Goodwin on

The Commission Nationale de l’Informatique et des Libertés (CNIL) is an independent French administrative regulatory body whose mission is to ensure that the collection, storage, and use of personal data comply with data...more

Fisher Phillips

Netherlands Imposes Record-Breaking Data Privacy Fine on Uber: 4 Key Steps Companies Can Take to Ensure Compliance

Fisher Phillips on

Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more

Alston & Bird

Belgian Data Protection Authority Publishes Guidance on the Interplay between the GDPR and the AI Act

Alston & Bird on

On 19 September 2024, the Belgian Data Protection Authority (DPA) issued new Guidance on the interplay between the recently adopted EU Regulation on Artificial Intelligence (the AI Act) and the General Data Protection...more

Hogan Lovells

Dutch DPA’s fine decision suspended by Dutch court amidst “(commercial) legitimate interest-controversy”

Hogan Lovells on

Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more

Ius Laboris

Massive fine for Uber of EUR 290 million

Ius Laboris on

On 26 August the Dutch Data Protection Authority (DPA) fined Uber EUR 290 million for a breach of the General Data Protection Regulation (GDPR). Following a number of complaints from French Uber drivers, the DPA found that...more

DLA Piper

Ireland: Increased Regulatory Convergence of AI and Data Protection: X Suspends Training of AI Chatbot With EU User Data After...

DLA Piper on

The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension...more

Alston & Bird

Dutch Data Protection Authority Warns that Using AI Chatbots Can Lead to Personal Data Breaches

Alston & Bird on

On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots....more

A&O Shearman

UK - When is a data protection claim not a data protection claim?

A&O Shearman on

In a recent case, Pacini & Anor v Dow Jones & Company Inc., the publisher of the Wall Street Journal unsuccessfully applied to strike out a data protection claim concerning two historic articles....more

BCLP

Analysing the CNIL’s Latest Recommendations for AI Systems

BCLP on

Following the very recent adoption of the EU Regulation on AI (the AI Regulation) the CNIL (the French data regulator) has issued the second in its series of recommendations for the development of privacy-friendly AI models....more

A&O Shearman

Netherlands - The Dutch Data Protection Authority publishes guidance on facial recognition (May 2 2024)

A&O Shearman on

On May 2 2024, the Dutch data protection supervisory authority (the Dutch DPA) published guidance on the processing of personal data when using facial recognition....more

BCLP

Auction of Personal Data: Clarification of the Concepts of Personal Data and Data Controller

BCLP on

On 7 March 2024, the Court of Justice of the European Union issued a ruling (C-604/22 | IAB Europe) clarifying the concepts of personal data and controller in the context of the use of a Transparency and Consent Framework...more

Hogan Lovells

Dutch DPA issues guidelines on data scraping

Hogan Lovells on

On 1 May 2024, the Dutch Data Protection Authority (DPA) issued guidelines on data scraping used by private organisations in relation to GDPR principles including ‘lawfulness’. The guidelines could affect the way GenAI...more

Hogan Lovells

Bilan de l’activité contentieuse de la CNIL en 2023 : un rétroviseur pour lire l’avenir

Hogan Lovells on

Il n’y a pas de question plus difficile en matière contentieuse que celle de l’anticipation des risques de faire l’objet d’un contrôle ou d’une sanction. C’est la raison pour laquelle il est utile de se nourrir des évolutions...more

Mayer Brown

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

Robinson+Cole Data Privacy + Security Insider

Italian Data Protection Authority Alleges Breaches of GDPR by ChatGPT Platform

Robinson+Cole Data Privacy + Security Insider on

On January 29, 2024, the Italian Data Protection Authority (Garante) notified OpenAI of breaches of data protection laws involving its ChatGPT platform....more

Latham & Watkins LLP

Irish Data Protection Commission Orders Meta Ireland to Suspend Facebook Data Transfers to the US and Imposes Record GDPR Fine of...

Latham & Watkins LLP on

The final decision of the Irish Data Protection Commission (IDPC) in relation to the transfers of EU/EEA Facebook user data by Meta Platforms Ireland Limited (Meta Ireland) to its processor, Meta Platforms, Inc., in the US...more

White & Case LLP

Somewhere Between a Summary and a Data Dump – CJEU Finds Controllers Must Provide Data Subjects a “Faithful And Intelligible” Copy...

White & Case LLP on

The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more

Hogan Lovells

Public consultation on binding rules for phone marketing – Spanish update

Hogan Lovells on

The Spanish Data Protection Authority has opened a public consultation process to obtain comments for an incoming decision establishing the rules for commercial communications via telephone. This decision will be binding upon...more

Latham & Watkins LLP

DSGVO-Bußgelder: Reicht eine „strict liability“ oder ist der Nachweis eines Verschuldens nötig?

Latham & Watkins LLP on

Der Europäische Gerichtshof (EuGH) wird bald darüber entscheiden, ob europäische Datenschutzbehörden künftig leichter Bußgelder nach Art. 83 DSGVO gegen Unternehmen verhängen können. Diese Entscheidung kann großen Einfluss...more

Latham & Watkins LLP

European Data Protection Board Focuses Coordinated Enforcement on Data Protection Officers

Latham & Watkins LLP on

Organisations should expect increased scrutiny and enforcement activity around the role of data protection officers in the coming year. The European Data Protection Board (EDPB) has announced that its coordinated...more

207 Results
 / 
View per page
Page: of 9
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide