Polish Data Protection Authority fined McDonald’s and its processor over €3.6 million for GDPR violations after employee data exposure due to poor security and oversight.
The DPC has launched an inquiry into TikTok’s transfer of EEA user data to China, focusing on GDPR compliance and the legality of cross-border data transfers.
The Irish Data Protection Commission’s 2025 case studies reveal key trends in GDPR enforcement, with fines up to €1.2 million for breaches involving access requests, security failures, and transparency issues.
GDPR has significantly reduced cyber damages in the EU by encouraging better cybersecurity investments and lowering identity theft losses by up to €1.4 billion.
The EU’s new Draft Regulation aims to speed up GDPR enforcement by improving cooperation between data protection authorities and setting clear investigation deadlines.
The DPC fined the Department of Social Protection €550,000 for GDPR violations related to biometric data processing in Public Services Card registration.
The High Court granted TikTok a stay on the DPC’s data transfer suspension to China until October while the full legal challenge, including a €530 million fine, is considered.
TikTok seeks to halt an Irish court-ordered suspension of data transfers to China following a €530 million GDPR fine by the Data Protection Commission.
The Belgian Market Court annulled part of the APD’s decision on IAB Europe’s TCF, limiting its joint controllership to TC Strings only, aligning with the CJEU ruling.
The Irish DPC fined TikTok €530 million for GDPR breaches related to inadequate protection of European user data transferred to China.
EU GDPR procedural reform risks increasing complexity and delays in cross-border enforcement despite aims to streamline cooperation between data protection authorities.
The DPC has launched an inquiry into XIUC’s processing of EU/EEA users’ personal data for training Grok LLMs, focusing on GDPR compliance and transparency.