Austrian court: Der Standard broke GDPR with pay-or-consent model
The Austrian Federal Administrative Court confirmed that newspaper Der Standard breached the EU’s data protection rules by using a “pay […]
The Austrian Federal Administrative Court confirmed that newspaper Der Standard breached the EU’s data protection rules by using a “pay […]
Ombudsman complaints and a Parliament–Council split have prolonged the appointment of the next EDPS, centering on independence concerns over a Commission insider versus continuity with the incumbent.
Study finds major AI browser assistants transmit sensitive personal data, likely breaching GDPR and requiring stronger consent, transparency, and technical safeguards.
AEPD fines Iberostar unit €70,000 for requiring full ID copies at booking; authority stresses GDPR data minimisation and that copies are unnecessary and risky for guest registration.
EDPS finds the European Commission’s Microsoft 365 use compliant with Regulation (EU) 2018/1725 after contractual, technical and organisational measures addressed purpose limitation, transfers and disclosures.
IMY reprimanded Flightradar24 for GDPR breaches after routinely demanding aircraft registration certificates, requiring improved erasure procedures and proportional identity verification.
New DPC Adult Safeguarding Toolkit guides organisations on GDPR-compliant collection, storage and sharing of vulnerable adults’ personal data with practical templates and sector collaboration.
German high court restricts law enforcement use of spyware to cases with at least a three-year maximum sentence, citing severe interference with fundamental rights.
EDPB will publish an EU-wide GDPR breach notification template to standardize reporting, aid cross-border compliance, and support accompanying guidance and tools.
The Cologne court partially overturned the BfDI ban on the German Federal Government’s Facebook fan page, clarifying GDPR responsibilities for public authorities and Meta.
The European Commission is accused of rigging the selection process for the European Data Protection Supervisor, compromising independence and transparency.
Microsoft France admits it cannot guarantee French citizen data in EU datacenters is fully protected from U.S. government access, highlighting digital sovereignty challenges.