Poland wants closer ties with the ITU as the nation begins its EU Council presidency (Jan. 1 - June 30), Secretary of State Michal Gramatyka, Ministry for Digital Affairs, said at the recent Data Protection Day conference in Brussels. This initiative has implications for privacy and data protection issues and policies, Gramatyka wrote in an email Friday.
The Council of Europe has begun work on data protection and neurotechnology guidelines, which it expects to complete in around two years, sources told us. The interplay between neurotechnology and data protection is important given the growing use of the technology beyond the medical sphere, speakers said at a Data Protection Day conference in Brussels on Tuesday.
The European Court of Justice's General Court ruled Wednesday that the Irish Data Protection Commission (DPC) acted unlawfully when it refused to investigate a complaint from Noyb, the Austrian privacy organization. The ruling was issued in Data Protection Commission v. European Data Protection Board (joined cases T‑70/23, T‑84/23 and T‑111/23).
Despite financial pressure, geopolitical instability, more data protection rules and other challenges, the privacy profession continues demonstrating "an extraordinary capacity for adaption and resilience," the International Association of Privacy Professionals (IAPP) said in a report published Tuesday. Nine of 10 companies responding to this year's survey said they feel at least somewhat confident about their privacy governance program, it said.
European collaboration with the U.S. on privacy issues is going to be tough, representatives from the European Commission and European Parliament said Tuesday at a Data Protection Day conference in Brussels.
Finding common ground on data protection "remains a challenging task, primarily because privacy is deeply shaped by cultural, legal, and economic contexts," Ginervra Cerrina Feroni, vice-president of Italian privacy watchdog Garante, said in an email. The General Data Protection Regulation (GDPR), for example, is rooted in a fundamental rights-based approach, while frameworks like the Global Cross Border Privacy Rules (CPBR) system emphasize voluntary compliance and flexibility, reflecting different traditions and priorities.
President Donald Trump's reported decision to fire the three Democratic members of the Privacy and Civil Liberties Oversight Board (PCLOB) is raising concerns about the future of the hard-won trans-Atlantic data privacy framework (DPF), privacy experts said. It's not yet clear what impact Trump's Executive Order might have, however, and the European Commission is monitoring the situation, it said.
There are grounds for "intense" collaboration among authorities responsible for enforcing EU digital laws such as the General Data Protection Regulation (GDPR) and AI Act (AIA), privacy lawyer Petruta Pirvan said during a Sypher webinar Wednesday in Bucharest, Romania. Especially in the context of AI systems that process personal data, logic is strong for regulators cooperating, said Pirvan, a member of the European Commission's GPAI code of practice working group.
U.K. regulator Ofcom Thursday issued industry guidance detailing how apps and sites can implement effective age checks to keep children from encountering online porn and protect them from other harmful content. Pornography providers have until July to introduce age checks, it said. The office also published a statement on age assurance and children's access, and warned that its age assurance enforcement program is open for business.
Companies deploying AI in ways that the EU AI Act has banned have until Feb. 2 to stop using them, but exactly how to do that remains unclear, privacy experts told us. The European Commission consulted with stakeholders in December on the practical aspects of compliance and plans to issue guidance ahead of the deadline, an EC spokesperson emailed.