DPA is not obliged to impose sanctions, CJEU rules
Supervisory authorities under GDPR can choose not to impose penalties for data breaches if the controller has already taken corrective actions.
Supervisory authorities under GDPR can choose not to impose penalties for data breaches if the controller has already taken corrective actions.
Germany’s revision of its Federal Data Protection Act aims to clarify rules around automatic credit scoring while addressing existing legal challenges.
The DPC fined Meta Platforms Ireland Limited €91 million for failing to secure user passwords and notify authorities of a data breach.
The Belgian DPA’s guidance clarifies the compliance of AI systems with GDPR, emphasizing the role of Data Protection Officers and the need for transparency and human oversight.
Mozilla faces a privacy complaint for allegedly collecting user data in Firefox without consent, raising GDPR compliance concerns.
The European Commission and EDPB are collaborating to clarify the relationship between the DMA and GDPR for digital gatekeepers.
The Irish DPC’s proceedings against X ended with an agreement to halt certain data processing, but concerns about AI data practices and user consent remain unresolved.
EU regulators are tightening oversight on tech firms’ AI development, focusing on GDPR compliance and user data protection.
Germany’s new Section 393 SGB V establishes stricter requirements for processing health data in cloud-computing, impacting healthcare providers and medical research.
Clearview AI faces a €30.5 million fine from the Dutch DPA for illegal photo collection, bringing its total EU fines to €90.5 million under GDPR violations.
Uber faces a €290 million fine for transferring European drivers’ personal data to the U.S., violating GDPR regulations, and plans to appeal the decision.
A data breach in the European Parliament’s recruitment platform, PEOPLE, compromised sensitive information of over 8,000 individuals, raising concerns about security measures and GDPR compliance.