German Court Restricts Police Use of Spyware
German high court restricts law enforcement use of spyware to cases with at least a three-year maximum sentence, citing severe interference with fundamental rights.
GDPR News
EDPB announces forthcoming unified GDPR breach reporting form
EDPB will publish an EU-wide GDPR breach notification template to standardize reporting, aid cross-border compliance, and support accompanying guidance and tools.
German court says Facebook fanpage owner not responsible for cookies on webpage
The Cologne court partially overturned the BfDI ban on the German Federal Government’s Facebook fan page, clarifying GDPR responsibilities for public authorities and Meta.
European Commission Accused of Rigging EDPS Selection
The European Commission is accused of rigging the selection process for the European Data Protection Supervisor, compromising independence and transparency.
Microsoft Admits U.S. Access Risk to EU Citizen Data
Microsoft France admits it cannot guarantee French citizen data in EU datacenters is fully protected from U.S. government access, highlighting digital sovereignty challenges.
Noyb Targets Chinese Apps TikTok, AliExpress and WeChat Over GDPR Violations
Noyb filed GDPR complaints against TikTok, AliExpress, and WeChat for failing to properly respond to European users’ data access requests.
EU Commission Launches Review of UK’s Adequacy Decision
The EU Commission begins adopting new adequacy decisions confirming UK data protection safeguards for free and safe personal data flows between the EU and UK.
McDonald’s in Poland Fined €3.6 million for Employee Data Exposure and Security Failures
Polish Data Protection Authority fined McDonald’s and its processor over €3.6 million for GDPR violations after employee data exposure due to poor security and oversight.
DPC Opens GDPR Inquiry into TikTok’s Transfers of EEA Data to China
The DPC has launched an inquiry into TikTok’s transfer of EEA user data to China, focusing on GDPR compliance and the legality of cross-border data transfers.
EDPB and EDPS Back GDPR Changes to Ease Administrative Burden
The EDPB and EDPS support the Proposal to simplify GDPR record-keeping rules by raising the employee threshold to 750 and extending measures to small mid-cap enterprises.
German Court Awards Facebook User €5,000 for Extensive Surveillance by Meta’s Business Tools
The Leipzig court awarded €5,000 to a Facebook user for GDPR violations by Meta’s Business Tools, establishing a precedent for compensation in European data protection cases.
Irish DPA Publishes 2025 Case Studies
The Irish Data Protection Commission’s 2025 case studies reveal key trends in GDPR enforcement, with fines up to €1.2 million for breaches involving access requests, security failures, and transparency issues.