Balancing AI Innovation and GDPR: EDPB’s Latest Opinion on AI Models
Data protection professionals have been tasked with a complex role in the advancement of AI technologies. The European Data Protection Board (EDPB)’s latest opinion is pivotal for those navigating the interplay between AI development and General Data Protection Regulation (GDPR) compliance. This opinion highlights the necessity of responsible AI innovation underpinned by stringent adherence to […]
Meta Faces €251 Million Fine by Irish Data Protection Commission
In a landmark ruling, the Irish Data Protection Commission (DPC) has imposed a financial penalty of €251 million on Meta Platforms Ireland Limited (MPIL) following comprehensive inquiries into a significant data breach that was perpetrated in 2018. As experts in data protection and privacy, it is critical to understand the implications of such regulatory actions […]
Progress and Challenges in GDPR Enforcement: EDPB’s Strategic Initiatives
The European Data Protection Board (EDPB) recently addressed the European Commission’s second report on the application of the General Data Protection Regulation (GDPR), affirming its commitment to ongoing initiatives designed to enhance cooperation and clarity under the GDPR framework. Recognizing the significance of legal certainty and coherence between digital legislation and the GDPR, the EDPB […]
Luxembourg Leads with AI Act Implementation: CNPD Appointed Key Authority
The Grand Duchy of Luxembourg is making significant strides in the field of artificial intelligence by designating the Commission Nationale pour la Protection des Données CNPD as the leading authority for the implementation of the AI Act. This move positions Luxembourg among the pioneers in Europe, joining only a few nations actively embedding this crucial […]
Understanding and Implementing Article 48 of GDPR
For data protection professionals and privacy experts, Article 48 of the GDPR serves as a crucial directive that structures international data transfer within the legal framework of the European Union. It deals with scenarios where third country authorities seek access to personal data controlled or processed within the EU, underscoring the importance of respecting EU […]
Ensuring GDPR Compliance: Freedelity’s Data Handling Under Scrutiny
The Belgian Data Protection Authority, known as GBA, has issued a directive to Freedelity, a Belgian firm specializing in managing consumer identity and contact data, to align its operations with the General Data Protection Regulation (GDPR) mandates. This move comes after the GBA found that Freedelity’s data processing consent practices and data minimization principles fall […]
Meta Ireland Fined €91 Million: A Significant DPC Enforcement Action
The Irish Data Protection Commission (DPC) has imposed a notable €91 million fine on Meta Ireland after a comprehensive five-year investigation revealed significant data protection shortcomings. Data protection professionals are witnessing this as a landmark decision by the DPC, primarily due to Meta’s management of user passwords, which were improperly stored in plaintext. Background and […]
The Role of Data Protection Authorities in AI Governance
The intertwining of Artificial Intelligence (AI) and data protection frameworks is crucial for ensuring robust governance and safeguarding user privacy. At the forefront of this effort, the European Data Protection Board (EDPB) remains committed to a harmonized approach with the AI Office as emphasized in recent communications. Strategic Collaboration: In a recent letter addressed to […]
Investigating TikTok’s Influence in Romanian Elections
The Romanian authorities have formally requested the European Commission to investigate TikTok’s role in the country’s recent presidential elections. Acknowledging the significant impact of social media on political landscapes, data protection professionals are examining how platforms like TikTok abide by regulations under the Digital Services Act (DSA). Key Developments: – EU Involvement: Romania’s National Audiovisual […]
CJEU Ruling Influences GDPR Guidelines for Health-Related Data
In a landmark decision from October 4, 2024, the Court of Justice of the European Union (CJEU) has expanded upon the interpretation of ‘data concerning health’ under the General Data Protection Regulation (GDPR). This ruling has profound implications for businesses in the healthcare sector, notably impacting online pharmacies and e-commerce platforms that deal with health-related […]