While the EDPB guidelines provided inspiration for a few fining policies adopted by national DPAs, the authorities do not shy away from taking innovative approaches to standardize their fining procedures. This article looks at different approaches taken by EU data protection authorities (DPAs) in dealing with GDPR fines.
Recommendations 2/2025 on the legal basis for requiring the creation of user accounts on e-commerce websites
The EDPB clarifies that mandatory user accounts are only lawful under the GDPR when they are strictly necessary and respect […]