EU considers changes to cookie consent rules
EU plans to simplify cookie consent rules to reduce repetitive banners, propose browser-level preferences and possible GDPR alignment, drawing industry support and privacy concerns.
technology
New EU rules require fingerprints and facial images at Schengen borders
The EU’s Entry/Exit System will record fingerprints, facial images and passport data of non-EU short-stay visitors for up to three years to streamline checks and enforce the 90/180-day rule.
CNIL fines Google €325 million and SHEIN €150 million for cookie non-compliance
The CNIL fined Google (€325M) and SHEIN (€150M) for cookie and ad consent breaches, stressing free, informed consent and sanctioning covert tracking and cookie-wall practices.
EDPS closes proceedings after Commission fixes Microsoft 365 data protection issues
EDPS finds the European Commission’s Microsoft 365 use compliant with Regulation (EU) 2018/1725 after contractual, technical and organisational measures addressed purpose limitation, transfers and disclosures.
Microsoft Admits U.S. Access Risk to EU Citizen Data
Microsoft France admits it cannot guarantee French citizen data in EU datacenters is fully protected from U.S. government access, highlighting digital sovereignty challenges.
McDonald’s in Poland Fined €3.6 million for Employee Data Exposure and Security Failures
Polish Data Protection Authority fined McDonald’s and its processor over €3.6 million for GDPR violations after employee data exposure due to poor security and oversight.
Germany’s Data Watchdog Calls for DeepSeek Ban
Germany’s data watchdog accuses DeepSeek of unlawful data transfers to China, prompting potential EU-wide app bans under GDPR rules.
Data Protection Commission Issues €550,000 Fine Over DSP Biometric Data Use
The DPC fined the Department of Social Protection €550,000 for GDPR violations related to biometric data processing in Public Services Card registration.
EU Experts Warn Against Weakening Encryption in ProtectEU Plan
EU experts warn that weakening encryption under ProtectEU risks privacy, security, and human rights, urging the Commission to protect strong encryption standards.
Vodafone Faces €45 Million GDPR Fine Over Partner Fraud and Security Issues
The BfDI found Vodafone €45 million for data protection failures linked to partner fraud and security flaws, prompting the company to enhance its compliance and security measures.
Meta’s Use of EU Data for AI Training Upheld by German Court Despite Criticism
The Higher Regional Court of Cologne upheld Meta’s lawful use of public EU data for AI training under GDPR, despite ongoing criticism from German data protection authorities.
Meta Faces GDPR Action for Using European Data in AI Training
Noyb and German consumer group challenge Meta’s AI training using European data without GDPR-compliant legal basis, demanding immediate halt and compliance.