Luxembourg's National Data Protection Commission (CNPD) and other sectoral regulators would oversee enforcing compliance with the EU AI Act under draft legislation pending in the country's parliament, Pinsent Mason lawyers reported. CNPD would be the lead authority.

Better cross-regulatory cooperation is needed to avoid inconsistent application of European digital laws, the European Data Protection Supervisor (EDPS) said Wednesday. The office published a plan for Digital Clearinghouse 2.0, which proposes a consistent, coherent enforcement approach for EU laws regulating digital markets.

The European Parliament Civil Liberties, Justice and Home Affairs Committee Thursday will vet candidates for European Data Protection Supervisor for 2025-2030. The contenders proposed by the European Commission are: Bruno Gencarelli, Francois Pellegrini, Ana Pouliou and current supervisor Wojciech Wiewiorowski. The European Parliament and the European Council jointly appoint the EDPS.

Mobile apps often process personal data that users provide or is collected directly when the app accesses resources in smartphones and tablets, French data protection agency CNIL said Tuesday, according to an unofficial translation.

The U.K. Information Commissioner's Office Monday welcomed government plans that "turbocharge" AI across the nation during the next decade. Prime Minister Keir Starmer backed a set of 50 recommendations in an AI Opportunities Action Plan aimed at positioning the U.K. ahead of the world on the technology.

During its Jan. 16 meeting, the European Data Protection Board could approve guidelines relating to the General Data Protection Regulation's Article 4 (5), which covers pseudonymization of data. Other items on the agenda include discussion of a position paper on the interplay of competition law and data protection, and a potential update of board guidelines on Data Protection Officers.

Transport companies lack legitimate interest under the EU General Data Protection Regulation (GDPR) in requiring customers to indicate their title before purchasing train tickets, the European Court of Justice (ECJ) held in a preliminary ruling Thursday.

The European Border and Coast Guard Agency (Frontex) violated EU law when it transmitted the personal data of suspects of cross-border crimes to Europol, the EU's law enforcement cooperation agency, the European Data Protection Supervisor (EDPS), announced Wednesday. The EDPS is responsible for monitoring personal data processing by EU institutions and bodies. In October 2022, it audited Frontex's activities when assisting EU countries at external borders in joint operations.

Norwegian data protection authority Datatilsynet advised against further changes in the use of health registers. The warning responds to proposed amendments of the country's Health Research Act. In addition, in an unofficial translation, Datatilsynet said establishing research registries merits further investigation, noting that processing health data is, in principle, prohibited under the General Data Protection Regulation. The authority said the proposals would mean significant change in the field of health registers in favor of research, without a corresponding focus on the rights and freedoms of the registries.

The Danish Data Protection Authority plans to focus on child protection, real-life digital tracking and data subjects' right to erasure this year, it announced, according to an unofficial translation. Other priorities include generative AI and healthcare, and processing personal data in pan-European information systems. The authority noted it could also bring own-initiative cases based on complaints and other input.