Through a common interpretation by data protection authorities in the EU, these guidelines seek to
ensure a consistent application of the GDPR when assessing whether particular processing by a controller or a processor falls within the scope of the new EU legal framework. In these guidelines, the EDPB sets out and clarifies the criteria for determining the application of the territorial scope of the GDPR. Such a common interpretation is also essential for controllers and processors, both within and outside the EU, so that they may assess whether they need to comply with the GDPR.
OpenAI Fined €15 Million for GDPR Violations in Italy
The Italian Data Protection Authority fined OpenAI €15 million for using personal data without legal grounds and lacking age verification […]