DPA is not obliged to impose sanctions, CJEU rules
Supervisory authorities under GDPR can choose not to impose penalties for data breaches if the controller has already taken corrective actions.
Supervisory authorities under GDPR can choose not to impose penalties for data breaches if the controller has already taken corrective actions.
The Draft Law amending the German Federal Data Protection Act (BDSG) introduces significant changes to data protection regulations in Germany, including the institutionalization of the Data Protection Conference (DSK) and amendments to data subject access rights and scoring practices.
The European Court of Justice upheld a regulation requiring two fingerprints on identity cards in Germany to combat identity theft, despite some civil rights activists expressing disappointment.
Civil society groups urge the EDPB to reject Meta’s “consent or pay” model, fearing it undermines EU privacy laws.
EU Court clarifies GDPR rules on personal data auctioning for ads, emphasizing consent and IAB Europe’s joint controller role.
CJEU decides on the implications of storing personal data of individuals convicted of crimes under EU Directive 2016/680, focusing on the right to erasure and the principle of proportionality.
Judgment by the EU top court clarifies the right of individuals to access their personal data undergoing processing.
The President of the European Tribunal rejected a request for a suspension of execution regarding the EU-US data protection framework, stating that the plaintiff failed to prove urgency or potential for serious and irreparable harm.
CJEU has issued a ruling that could impact Meta’s ability to track user data across its platforms without explicit consent.
EDPS has approved the CJEU’s use of Cisco Webex, as it meets data protection standards.
This ruling provides much needed clarity on an individual’s ability to seek legal recourse for violations of their data privacy rights.