Court of Appeal upholds GDPR fine against Grindr
Norwegian court upheld a major GDPR fine against Grindr for improper processing and sharing of sensitive and location data, stressing stricter requirements for consent, minimization and safeguards.
cybersecurity
EU delays Chat Control plans after member states fail to agree
EU plans to force scanning of encrypted messages were postponed after Germany opposed Chat Control; critics say it would weaken encryption, harm security and push users to risky alternatives.
Investigation reveals sale of precise phone movement data in Ireland
Undercover RTÉ reporting shows minute-by-minute smartphone location data for tens of thousands in Ireland is being sold, enabling re-identification and raising serious privacy and security concerns.
AI browsers leak personal data
Study finds major AI browser assistants transmit sensitive personal data, likely breaching GDPR and requiring stronger consent, transparency, and technical safeguards.
Ireland’s DPA Launches Toolkit to Safeguard Vulnerable Adults’ Data
New DPC Adult Safeguarding Toolkit guides organisations on GDPR-compliant collection, storage and sharing of vulnerable adults’ personal data with practical templates and sector collaboration.
German Court Restricts Police Use of Spyware
German high court restricts law enforcement use of spyware to cases with at least a three-year maximum sentence, citing severe interference with fundamental rights.
EDPB announces forthcoming unified GDPR breach reporting form
EDPB will publish an EU-wide GDPR breach notification template to standardize reporting, aid cross-border compliance, and support accompanying guidance and tools.
Microsoft Admits U.S. Access Risk to EU Citizen Data
Microsoft France admits it cannot guarantee French citizen data in EU datacenters is fully protected from U.S. government access, highlighting digital sovereignty challenges.
McDonald’s in Poland Fined €3.6 million for Employee Data Exposure and Security Failures
Polish Data Protection Authority fined McDonald’s and its processor over €3.6 million for GDPR violations after employee data exposure due to poor security and oversight.
CNIL Analysis Shows GDPR’s Economic Impact on Cybersecurity and Identity Theft Prevention
GDPR has significantly reduced cyber damages in the EU by encouraging better cybersecurity investments and lowering identity theft losses by up to €1.4 billion.
EU Experts Warn Against Weakening Encryption in ProtectEU Plan
EU experts warn that weakening encryption under ProtectEU risks privacy, security, and human rights, urging the Commission to protect strong encryption standards.
Vodafone Faces €45 Million GDPR Fine Over Partner Fraud and Security Issues
The BfDI found Vodafone €45 million for data protection failures linked to partner fraud and security flaws, prompting the company to enhance its compliance and security measures.