Belgian DPA publishes guidance on interplay between GDPR and AI Act
The Belgian DPA’s guidance clarifies the compliance of AI systems with GDPR, emphasizing the role of Data Protection Officers and the need for transparency and human oversight.
transparency
French Data Protection Authority (CNIL) Gains New Powers
France’s law No. 2024-449 enhances the CNIL’s enforcement powers, enabling document seizure and oversight of digital service regulations.
GPEN Sweep 2024 Report on Deceptive Design Patterns Published
The GPEN Sweep 2024 report highlights the prevalence of deceptive design patterns in websites and apps, urging stricter enforcement of data protection laws and more transparent design practices.
Court reduces Spotify GDPR fine to 4 Million Euros
The Administrative Court reduced Spotify AB’s GDPR sanction to 40 million euros.
noyb Files GDPR Complaint Against Google’s Privacy Sandbox
noyb files GDPR complaint against Google’s Privacy Sandbox for misleading users with hidden tracking features, raising concerns about transparency and user consent in data privacy.
Luxembourg launches ‘Data Accountability from A to Zen’ tool
Luxembourg DPA has introduced DAAZ, a tool designed to help SMEs in Luxembourg comply with GDPR regulations.
ChatGPT data accuracy still does not meet GDPR requirements
EU privacy watchdog scrutinizes ChatGPT’s data accuracy compliance under GDPR, highlighting risks of biased or inaccurate outputs, urging OpenAI to enhance transparency and reliability.
ChatGPT Compliance with EU GDPR Under Scrutiny
EU taskforce reviews OpenAI’s ChatGPT under GDPR, highlighting legal uncertainties and privacy risks amidst complaints.
Uber Fined €10 million for GDPR Violations
Uber incurs a 10 million euro GDPR fine for opaque data handling practices.
AP demands clarity from tech companies on AI aimed at children
The Dutch Data Protection Authority (AP) is scrutinizing the use of AI, particularly chatbots, in children’s apps over concerns of data privacy and transparency.
Spotify fined € 5 Million for GDPR violation
The Swedish Data Protection Authority imposed a hefty fine of €5 Million on Spotify due to their failure to GDPR non-compliance.
CJEU: Right of Access Allows Data Subjects to Request the Identity of Each Data Recipient
CJEU ruled that under GDPR an individual has the right to request the identity of each entity to whom the data controller has disclosed their personal data.