Go to content
${facet.Name} (${facet.TotalResults})
${ item.ShortDescription }
${ item.SearchLabel?.ViewModel?.Label }
See all results
${facet.Name} (${facet.TotalResults})
${ item.ShortDescription }
${ item.SearchLabel?.ViewModel?.Label }
See all results

Regulatory Blog

Binoculars with documents in lenses

${totalItems} results

${customFilterHeading} Showing ${showingItems} of ${totalItems} results ${searchTerm}
${facet.Name} (${facet.TotalResults})
EDPB launches website auditing tool
The European Data Protection Board recently introduced a website auditing tool to improve compliance with the General Data Protection Regulation. This tool, developed within the framework of the EDPB Support Pool of Experts, is intended to be a pivotal resource for both legal and technical auditors at data protection authorities (DPAs), as well as controllers and processors looking to assess their own websites.
CJEU ruling clarifies on liability, damages and TOMs for data breaches
On 14 December 2023, the Court of Justice of the European Union (CJEU) issued a landmark ruling in the case of VB v. Natsionalna agentsia za prihodite (C‑340/21), placing a spotlight on the concept of non-material damage under Article 82 of the EU General Data Protection Regulation (GDPR) and specifically addressing the pivotal issue of the adequacy of technical and organisational measures (TOMs) in the context of a data breach.
Unlocking Europe’s Digital Future: Council of the EU adopts new Data Act
On 27 November, the Council of the European Union (the Council) took a significant step towards making the European Union a global leader in the data-driven economy with the formal adoption of the new Data Act.
EU AI Act approved by Member States
On 2 February 2024, the EU’s Artificial Intelligence Act was unanimously approved by the Council of EU Ministers.
IAB Europe provides key recommendations on improving GDPR enforcement in cross-border cases
On 26 October 2023, the Interactive Advertising Bureau, a European association representing digital marketing and advertising companies, released a paper with recommendations for enhancing GDPR enforcement in cross-border cases. This is in response to the European Commission's aim to simplify GDPR enforcement in these cases.
UK Extension to the EU-US Data Privacy Framework for UK-US personal data transfers
On 12 October 2023, the Data Protection (Adequacy) (United States of America) Regulations 2023 (SI 2023/1028) came into force, with which the UK government adopted an adequacy decision for the US (the UK-US Data Bridge). The UK-US Data Bridge enables UK organisations to freely and securely transfer personal data to certified US companies under the "UK Extension to the EU-US Data Privacy Framework" (UK Extension).
EDPB imposes EU ban on Meta's targeted advertising
On 27 October 2023, the European Data Protection Board issued an urgent binding decision instructing the Irish Data Protection Authority to take definitive action against Meta Ireland Limited within two weeks and impose a ban on the processing of personal data for behavioural advertising in the European Economic Area based on the lawful bases of contract and legitimate interest.
Meta introduces ad-free subscription plans for Instagram and Facebook in Europe to address regulatory challenges
Meta Platforms Ireland Limited, the parent company of Instagram and Facebook, has introduces its ad-free subscription plans for European users. This move aims to address the regulatory scrutiny received by Meta for alleged data protection violations concerning personalised advertising, which could potentially impact Meta's primary revenue source.
European data protection authorities collaborate to enhance GDPR enforcement
On 19 September 2023, the European Data Protection Board and the European Data Protection Supervisor jointly released an opinion on the European Commission's proposal for a regulation on additional procedural rules for enforcing the General Data Protection Regulation.
${ item.Title }
${ item.Description }