Thirty years after the idea of restricting international data transfers was conceived, companies find themselves facing a greater level of "dogmatism" than ever and geopolitical tensions could take restrictions to an even higher level, Hogan Lovells privacy and cybersecurity attorneys said during a podcast. Driven by U.S. rules hampering some data flows to China and several other countries, personal data protection is morphing into national security protection. One way to navigate the maze could be a greater focus on binding corporate rules (BCRs), they said.
Privacy and data protection laws are mushrooming, with nearly 150 countries adopting such regulations, speakers said during a Thursday IAPP webinar. There are 144 nations with national data protection measures, covering nearly 82% of the world's population, IAPP said in an updated report.
The European Commission withdrew two controversial pieces of legislation from its 2025 work program, bringing cheers Wednesday from the tech sector as a consumer group jeered.
The European Commission and U.K. Information Commissioner's Office (ICO) are responding cautiously to questions about the implications for trans-Atlantic data flows of reports that Elon Musk is accessing the personal data of millions of Americans. However, the Danish Data Protection Authority (DPA) recently warned businesses that the activities of the Trump Administration could threaten the EU-U.S. Data Privacy Framework (DPF).
The European Commission hasn't taken formal steps under the AI Act (AIA) concerning the DeepSeek AI chatbot, an EC spokesperson told us. However, several EU data protection authorities (DPAs) are probing whether DeepSeek has complied with the General Data Protection Regulation (GDPR).
Poland wants closer ties with the ITU as the nation begins its EU Council presidency (Jan. 1 - June 30), Secretary of State Michal Gramatyka, Ministry for Digital Affairs, said at the recent Data Protection Day conference in Brussels. This initiative has implications for privacy and data protection issues and policies, Gramatyka wrote in an email Friday.
The Council of Europe has begun work on data protection and neurotechnology guidelines, which it expects to complete in around two years, sources told us. The interplay between neurotechnology and data protection is important given the growing use of the technology beyond the medical sphere, speakers said at a Data Protection Day conference in Brussels on Tuesday.
The European Court of Justice's General Court ruled Wednesday that the Irish Data Protection Commission (DPC) acted unlawfully when it refused to investigate a complaint from Noyb, the Austrian privacy organization. The ruling was issued in Data Protection Commission v. European Data Protection Board (joined cases T‑70/23, T‑84/23 and T‑111/23).
Despite financial pressure, geopolitical instability, more data protection rules and other challenges, the privacy profession continues demonstrating "an extraordinary capacity for adaption and resilience," the International Association of Privacy Professionals (IAPP) said in a report published Tuesday. Nine of 10 companies responding to this year's survey said they feel at least somewhat confident about their privacy governance program, it said.
European collaboration with the U.S. on privacy issues is going to be tough, representatives from the European Commission and European Parliament said Tuesday at a Data Protection Day conference in Brussels.