On February 28, 2024, the European Data Protection Board announced the launch of its latest Coordinated Enforcement Framework action on the right of access.
Continue Reading EDPB Launches Coordinated Enforcement Framework on Right of Access
European Data Protection Board
EDPB Adopts Opinion on the Notion of Main Establishment
On February 13, 2024, the European Data Protection Board (“EDPB”) adopted Opinion 04/2024 on the notion of the main establishment of a controller in the Union under Article 4(16)(a) of the EU General Data Protection Regulation (“GDPR”) (the “Opinion”).Continue Reading EDPB Adopts Opinion on the Notion of Main Establishment
CNIL Publishes 2024 Investigation Focus Plan
On February 8, 2024, the French Data Protection Authority announced the priority topics for its inspections in 2024. This blog entry provides a summary of the key topics.
Continue Reading CNIL Publishes 2024 Investigation Focus Plan
EDPB Publishes Guidelines to Clarify Scope of EU “Cookie” Notice and Consent Requirements
On November 16, 2023, the European Data Protection Board published its Guidelines 2/2023 on the Technical Scope of Art. 5(3) of the ePrivacy Directive.
Continue Reading EDPB Publishes Guidelines to Clarify Scope of EU “Cookie” Notice and Consent Requirements
Irish Regulator Fines TikTok 345 Million Euros
On September 15, 2023, the Irish Data Protection Commission announced a fine of 345 million Euros against TikTok Technology Limited for non-compliance with GDPR rules regarding the processing of personal data from child users. …
Continue Reading Irish Regulator Fines TikTok 345 Million Euros
European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework
On July 19, 2023, the European Data Protection Board issued an Information Note regarding data transfers to the U.S. following the adoption of an adequacy decision on the EU-U.S. Data Privacy Framework on July 10, 2023.
Continue Reading European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework
Norwegian DPA Adopts Measures Regarding Meta’s Behavioral Advertising Activities
On July 14, 2023, the Norwegian Data Protection Authority ordered Meta Platforms Ireland Limited and Facebook Norway AS to temporarily cease the processing of personal data of data subjects in Norway for the purpose of targeting ads on the basis of “observed behavior” when relying on the contractual necessity legal basis or the legitimate interests legal basis of the GDPR. …
Continue Reading Norwegian DPA Adopts Measures Regarding Meta’s Behavioral Advertising Activities
EDPB Adopts Guidance on Controller Binding Corporate Rules
On June 30, 2023, the European Data Protection Board published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules (Art. 47 GDPR), which were adopted on June 20, 2023. …
Continue Reading EDPB Adopts Guidance on Controller Binding Corporate Rules
EDPB Adopts Guidelines on the Calculation of Administrative Fines
On June 7, 2023, the European Data Protection Board adopted the final version of its Guidelines on the calculation of administrative fines under the GDPR. …
Continue Reading EDPB Adopts Guidelines on the Calculation of Administrative Fines
EDPB Elects a New Chair
On May 25, 2023, the European Data Protection Board elected Anu Talus, head of the Finish data protection authority, as its new Chair, replacing Andrea Jelinek. …
Continue Reading EDPB Elects a New Chair