Undercover RTÉ reporting shows minute-by-minute smartphone location data for tens of thousands in Ireland is being sold, enabling re-identification and raising serious privacy and security concerns.
Study finds major AI browser assistants transmit sensitive personal data, likely breaching GDPR and requiring stronger consent, transparency, and technical safeguards.
New DPC Adult Safeguarding Toolkit guides organisations on GDPR-compliant collection, storage and sharing of vulnerable adults’ personal data with practical templates and sector collaboration.
German high court restricts law enforcement use of spyware to cases with at least a three-year maximum sentence, citing severe interference with fundamental rights.
EDPB will publish an EU-wide GDPR breach notification template to standardize reporting, aid cross-border compliance, and support accompanying guidance and tools.
Microsoft France admits it cannot guarantee French citizen data in EU datacenters is fully protected from U.S. government access, highlighting digital sovereignty challenges.
Polish Data Protection Authority fined McDonald’s and its processor over €3.6 million for GDPR violations after employee data exposure due to poor security and oversight.
GDPR has significantly reduced cyber damages in the EU by encouraging better cybersecurity investments and lowering identity theft losses by up to €1.4 billion.
EU experts warn that weakening encryption under ProtectEU risks privacy, security, and human rights, urging the Commission to protect strong encryption standards.
The BfDI found Vodafone €45 million for data protection failures linked to partner fraud and security flaws, prompting the company to enhance its compliance and security measures.
Meta and Yandex exploit Android local ports to link browsing data with app identities, bypassing privacy protections and raising serious GDPR concerns.
EU data watchdog blocks routine personal data transfers to India, citing insufficient data protection under India’s yet-to-be-implemented DPDP Act.