Hundreds of thousands of Grok chats found in search results
Searchable links to Grok chat transcripts have exposed hundreds of thousands of user conversations, raising serious GDPR and privacy concerns about shared AI chats.
Searchable links to Grok chat transcripts have exposed hundreds of thousands of user conversations, raising serious GDPR and privacy concerns about shared AI chats.
EDPB will publish an EU-wide GDPR breach notification template to standardize reporting, aid cross-border compliance, and support accompanying guidance and tools.
Polish Data Protection Authority fined McDonald’s and its processor over €3.6 million for GDPR violations after employee data exposure due to poor security and oversight.
The Irish Data Protection Commission’s 2025 case studies reveal key trends in GDPR enforcement, with fines up to €1.2 million for breaches involving access requests, security failures, and transparency issues.
GDPR has significantly reduced cyber damages in the EU by encouraging better cybersecurity investments and lowering identity theft losses by up to €1.4 billion.
The DLA Piper GDPR Fines and Data Breach Survey 2025 provides valuable insights into the enforcement landscape of the GDPR over the past year.
Ireland imposed over half of Europe’s GDPR fines in 2024, totaling €3.5 billion since 2018, with a notable decline in penalties compared to previous years.
CNIL outlines its strategic priorities for AI governance and data protection ahead of the Paris AI summit, addressing rising privacy concerns and collaboration with European authorities.
Meta challenges a €91 million fine from Ireland’s DPC for improperly storing user passwords, claiming the penalty is excessive and misapplied under GDPR.
Meta faces a €251 million fine from the DPC for a data breach affecting 29 million accounts, with plans to appeal the decision.
The Federal Court of Justice ruled that Facebook must compensate a user for immaterial damages due to a data breach, emphasizing the significance of data control under GDPR.
Supervisory authorities under GDPR can choose not to impose penalties for data breaches if the controller has already taken corrective actions.