On 28 October 2024, the National Supervisory Authority for the Processing of Personal Data in Romania (ANSPDCP) concluded an investigation into Vodafone Romania SA, identifying a breach of Article 32 of the General Data Protection Regulation (GDPR).…
On 28 October 2024, the Danish Data Protection Agency (DPA) concluded its investigation into Boliglag ApS, determining that the company had engaged in the illicit processing of homeowner data on its website. The investigation, which commenced in Mar…
On 28 October 2024, the National Information Security Standardisation Technical Committee (TC260) closes its public consultation on the "Cybersecurity Technology, Security Technology, Cybersecurity, Part 7: Guidelines for Network Virtualization Secu…
On 24 October 2024, the Spanish Data Protection Agency (AEPD) adopted a technical note on LIINE4DU 1.0 methodology for threat modelling for privacy and data protection. The note seeks to aid organisations within the European Union in managing privac…
On 24 October 2024, the Supreme Court of Massachusetts issued a ruling in the lawsuit challenging information obtained from browsing activities without user consent using analytics tools. The Court ruled that the state's wiretapping law does not app…
On 24 October 2024, the Data Protection Commission (DPC) issued its decision following the investigation into LinkedIn imposing an EUR 310 million fine. The investigation was initiated in response to a complaint from the French non-profit organisati…
On 23 October 2024, the Personal Information Protection Commission (PIPC) adopted an order to strengthen measures aimed at combating the exposure and illegal distribution of personal data online. The order is intended to prevent secondary damage, su…
On 24 October 2024, the Personal Information Protection Commission (PIPC) issued a ruling in an investigation into two e-commerce businesses. The PIPC determined that Neopharm and Ilhak failed to protect personal information under the Personal Infor…
On 23 October 2024, the Norwegian government announced plans to raise the age limit for children’s consent to social media processing of their personal data from 13 to 15 years under the Personal Data Act. The proposal aims to protect children from …
On 23 October 2024, the Data (Use and Access) Bill was introduced to the United Kingdom’s parliament. The Bill introduces a framework to regulate the access, sharing, and protection of customer and business data across various sectors. The Bill empo…