The EU General Data Protection Regulation gives people the right to human intervention in algorithmic decisions that affect them, the Dutch Data Protection Authority said Wednesday.

The Polish data authority fined McDonald's and a vendor for the restaurant chain after a data breach occurred in a personnel system the vendor managed.

The U.K. is providing adequate protection for personal data transferred from the EU, the European Commission said Tuesday, initiating the process to adopt a new adequacy decision.

Chinese tech company WeChat complies with local laws and regulations in the markets in which it operates and "is committed to protecting user privacy and data security," a spokesperson for parent company Tencent emailed us Friday.

General-purpose AI (GPAI) model providers should start complying with the EU AI Act, European Commission officials said during a Friday briefing. The EC's AI office can help, they added, but will "be strict with you" starting in August 2026.

Correction: The data deletion request framework endorsed by the U.K. Information Commissioner's Office (see 2507150005) was developed by the Interactive Advertising Bureau Tech Lab, which is independent of the IAB.

Using AI to recognize emotions is "dubious and risky," the Dutch Data Protection Authority (AP) said Tuesday.

AI and data breaches were among top issues last year for Italian data protection authority Garante, it said Tuesday in an annual report.

Under the U.K. Online Safety Act, Reddit will now collect and verify U.K.-based users' ages before allowing them to view certain adult content, it announced Monday.

From Tuesday, innovative companies and public entities in the EU can transfer personal data to the European Patent Organisation without needing additional safeguards, the European Commission and EPO announced.