GDPR

Close-up of a tablet screen displaying a list of Microsoft Office apps. Visible apps include Outlook, OneDrive, Word, Excel, PowerPoint, OneNote, SharePoint, Teams, Yammer, and Admin. Each app has its respective colorful icon next to its name. The screen has a soft blurred edge.

October 14, 2025

Austria finds Microsoft illegally tracked students

Austrian regulator found Microsoft 365 Education illegally tracked students via cookies; Microsoft must grant data access and faces scrutiny over transparency and GDPR compliance.

Two overlapping white speech bubble cutouts on a vibrant pink background. The cutouts have a textured appearance, and both point towards the bottom left. The bold contrast between the white speech bubbles and pink background creates a striking visual effect.

October 13, 2025

EU delays Chat Control plans after member states fail to agree

EU plans to force scanning of encrypted messages were postponed after Germany opposed Chat Control; critics say it would weaken encryption, harm security and push users to risky alternatives.

A wooden gavel rests on a closed book, overlaid with the European Union flag featuring yellow stars on a blue background. The composition suggests themes of law and governance within the EU.

September 26, 2025

CJEU confirms GDPR compensation cannot be replaced by prohibitory injunctions

The CJEU rules prohibitory injunctions cannot reduce or replace GDPR compensation for past non‑material damage from unlawful data disclosures, reaffirming a distinct compensatory right.

A chocolate chip cookie with a bite taken out rests on a white background. Crumbs are scattered around, adding texture to the scene. The cookie is golden brown with visible chocolate chips, and its rough, crumbly texture is evident.

September 26, 2025

EU considers changes to cookie consent rules

EU plans to simplify cookie consent rules to reduce repetitive banners, propose browser-level preferences and possible GDPR alignment, drawing industry support and privacy concerns.

Lady Justice statue holding a sword and scales stands before a background of the European Union flag, which features a blue field with a circle of twelve yellow stars. The statue symbolizes justice, with a blindfold representing impartiality.

September 11, 2025

Advocate General: Legal recognition of gender identity must not be conditioned on surgery

EU law may bar national rules requiring surgery to change gender markers in civil documents, protecting free movement, privacy and accurate identity data.

September 11, 2025

CJEU clarifies GDPR remedies and compensation for moral harm

The CJEU ruled GDPR does not create a mandatory right to a preventive injunction but allows compensation for moral harm even for non‑serious distress, and injunctions cannot replace damages.

A blurred close-up of a computer screen displaying rows of numerical data. The numbers are arranged in columns, separated by commas. The overall tone is white and gray, conveying a sense of analytical or technical information being processed or analyzed.

September 10, 2025

Court of Justice clarifies identifiability under GDPR

Court of Justice rules SRB should have informed Banco Popular claimants before sharing their comments, clarifies assessment of pseudonymisation and controller-focused identifiability under EU data law.

September 10, 2025

Meta asks CJEU to reinstate challenge to EDPB Opinion on valid consent

Meta appeals the General Court’s dismissal of its challenge to EDPB Opinion 08/2024, arguing procedural and legal errors on reviewability, liability, judicial protection, and reasoning.

A digitally manipulated image blending the EU and US flags. The stars from the EU flag overlay the blue field of stars from the US flag, while the red and white stripes of the US flag merge into the blue background of the EU flag, creating a textured, intertwined appearance.

September 9, 2025

EU General Court Upholds EU‑US Data Privacy Framework

Eu court dismissed Latombe’s annulment of the EU‑US Data Privacy Framework, allowing data transfers to continue while advocates signal likely further legal challenges.

September 8, 2025

CNIL fines Google €325 million and SHEIN €150 million for cookie non-compliance

The CNIL fined Google (€325M) and SHEIN (€150M) for cookie and ad consent breaches, stressing free, informed consent and sanctioning covert tracking and cookie-wall practices.

Unmade bed with white sheets and pillows next to a large window. Outside, an urban cityscape with tall buildings and a variety of architectural styles is visible. The scene is bright, suggesting daytime, and the view captures a mix of modern and older structures.

September 2, 2025

Spains DPA fines hotels over scanning guest identity documents

AEPD fines Iberostar unit €70,000 for requiring full ID copies at booking; authority stresses GDPR data minimisation and that copies are unnecessary and risky for guest registration.

Airplane wing with a red tip against a clear blue sky. Below, there is an expanse of ocean meeting a sandy coastline, with some white clouds near the coast. The horizon divides the blues of the sky and sea, creating a serene aerial scene.

August 13, 2025

IMY reprimands Flightradar24 for unlawful handling of aircraft owners’ data

IMY reprimanded Flightradar24 for GDPR breaches after routinely demanding aircraft registration certificates, requiring improved erasure procedures and proportional identity verification.

«‹ 4 5 6 7 ›»

Support GDPR buzz!

Get notified about news & resources