The European Commission withdrew two controversial pieces of legislation from its 2025 work program, bringing cheers Wednesday from the tech sector as a consumer group jeered.
French Data Protection Authority CNIL Friday released two recommendations to support responsible AI innovation while protecting people's rights. The recommendations illustrate how the General Data Protection Regulation (GDPR) fosters development of innovative and responsible AI in Europe, it said. They give concrete solutions for informing people whose data was used and helping them exercise their rights, it said.
Operators of online marketplaces that post free or paid advertisements may be exempt from liability for illegal content under the EU e-commerce directive if they're merely hosting providers, but they're liable under the General Data Protection Regulation (GDPR) for ensuring the security of users' personal data processed with regard to third parties, a European Court of Justice (ECJ) Advocate General (AG) said in an opinion Thursday.
The Dutch Foundation for Market Information Research (SOMI) filed four cross-border class actions in Germany against TikTok and X. Announced Wednesday, the multi-billion-euro lawsuits seek injunctive relief and damages for violations of German and EU law, particularly the Digital Services Act (DSA), General Data Protection Regulation (GDPR) and AI Act (AIA). Leipzig, Germany-based law firm Spirit Legal announced the suits.
Regulators are looking harder at privacy and expanding what constitutes personal data, sensitive data and consumer health information, Grindr Chief Privacy Officer (CPO) Kelly Peterson said Wednesday during Privado’s Bridge Summit. However, Aaron Weller, HP privacy innovation leader, said it’s “not just about laws and regulations” for businesses seeking to prioritize privacy. “It’s also who are your customers and what are your customers’ expectations?”
The European Commission hasn't taken formal steps under the AI Act (AIA) concerning the DeepSeek AI chatbot, an EC spokesperson told us. However, several EU data protection authorities (DPAs) are probing whether DeepSeek has complied with the General Data Protection Regulation (GDPR).
French data protection authority CNIL Friday published the final version of its guide on impact assessment of data transfers. The guide aims to ensure that companies ensure the same level of protection as the General Data Protection Regulation (GDPR) in their data flows.
The European Court of Justice's General Court ruled Wednesday that the Irish Data Protection Commission (DPC) acted unlawfully when it refused to investigate a complaint from Noyb, the Austrian privacy organization. The ruling was issued in Data Protection Commission v. European Data Protection Board (joined cases T‑70/23, T‑84/23 and T‑111/23).
Personal data protection is important but shouldn't be an unnecessary obstacle to innovation and development, the Swedish Data Protection Authority said Tuesday in a newspaper op-ed unofficial translation. Accordingly, there are good reasons to consider criticism of the General Data Protection Regulation (GDPR), it added.
European collaboration with the U.S. on privacy issues is going to be tough, representatives from the European Commission and European Parliament said Tuesday at a Data Protection Day conference in Brussels.