The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
"Monsters Inc." y el tratamiento de los datos
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
[Webinar] You Are Here: First Steps in Data Mapping
Fintech Focus Podcast | What Does AI Safety Mean For Fintechs?
The FTC's Health Privacy Enforcement Actions
The FTC and DOJ Act Against Amazon to Protect Privacy
Law Brief®: Rich Schoenstein and Annmarie Giblin Discuss Cyber Law
Biometric Litigation
Podcast - The FTC Agenda & Data Privacy
Webinar Recording – The Colorado Privacy Act and Draft Rules
2022 DSIR Report Deeper Dive: Personal Data Deletion
Congress Tries to Wrangle Cyber and Crypto Industries
Who are the decision makers at INTERPOL's CCF?
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
On May 8, 2025, the Federal Labor Court Bundesarbeitsgericht (“BAG”) issued a significant ruling concerning an employee’s claims for damages due to unlawful data transfers within a corporate group. The BAG ruled that works...more
As of May 27, 2025, Meta (Facebook and Instagram) will start using some of the personal data of European users to train its artificial intelligence (AI) systems, including tools such as Meta AI and Llama language models....more
On May 14, 2025, the Belgian Market Court delivered a landmark ruling regarding IAB Europe’s role in the Transparency and Consent Framework (TCF). The Court confirms that TC Strings qualify as personal data and that IAB...more
On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more
The Belgian Data Protection Authority recently ruled that a Belgian government entity, FPS Finance, cannot transfer the personal data of “accidental Americans” to the IRS. According to the decision, the transfers needed to...more
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
Recently, there has been an increase in individual rights activity across Europe, particularly organizations receiving Data Subject Access Requests (DSARs) from former employees. ...more
If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more
The EU regulation designed to facilitate secondary use of clinical data for research brings benefits for health research, but also poses challenges for companies....more
The European Union took a big step last year towards regulating digital labor platforms – and member states will need to adopt the new directive before the end of 2026. The directive seeks to curb worker misclassification,...more
The EU Pay Transparency Directive (’PTD’) introduces extensive disclosure obligations regarding salary information. At the same time, employers must ensure compliance with the applicable data protection regulations and...more
The European Data Protection Board (EDPB), the independent EU body responsible for ensuring the consistent application of the EU General Data Protection Regulation (GDPR) across all EU member states, has kicked off its...more
On 19 March 2025, the European Data Protection Board published an updated procedure for co-operation between EU data protection supervisory authorities approving GDPR Binding Corporate Rules for intra-group transfers of EU...more
On March 5, 2025, Regulation (EU) 2025/327 of the European Parliament and of the Council of February 11, 2025 on the European Health Data Space and amending Directive 2011/24/EU and Regulation (EU) 2024/2847 (the Regulation)...more
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
The European Data Protection Board (EDPB) has launched its 2025 enforcement sweep targeting organizations’ compliance with data subjects’ right of erasure (right to delete or be forgotten), focusing particularly on how...more
On February 27 2025, the Court of Justice of the European Union (CJEU) delivered a judgment in CK v Dun & Bradstreet (Case C-203/22). This judgment clarifies the GDPR provisions regarding the right of access to personal...more
Right of erasure (or “right to be forgotten”) has been selected by the European Data Protection Board as its priority enforcement topic for 2025. This work is being done under the “Coordinated Enforcement Framework” or “CEF.”...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
Advocate General Spielmann opines that personal data can be pseudonymous in the hands of one party and anonymous in the hands of another....more
The CJEU has decided that the maximum thresholds for GDPR fines should be calculated using the global turnover of the broader corporate group, not solely the infringing entity....more
Der Europäische Gerichtshof (EuGH) hat festgestellt, dass Kollektivvereinbarungen (wie bspw. Betriebsvereinbarungen) nur dann eine rechtliche Grundlage für die Verarbeitung von Beschäftigtendaten darstellen können, wenn sie...more
As 2025 progresses, one thing is clear—GDPR enforcement is not slowing down. In fact, regulators across Europe are intensifying their scrutiny, handing out significant fines and even warning executives of potential personal...more