1+ hour, 29+ min ago  (964+ words) Navigating the new EU cybersecurity standards: The NIS2 Directive and Cyber Resilience Act Happy anniversary, NIS2: Too soon to celebrate? NIS2 and Ireland's National Cyber Security Bill: What management boards must know and do Saudi Arabia's data protection authority steps up enforcement "Where…...

20+ hour, 24+ min ago  (252+ words) This resource maps the interplays between the Data Act and the GDPR. Principal Researcher, Privacy Law and Policy The EU Data Act creates new rules on who can access and use data generated in the EU across all economic sectors....

1+ day, 23+ hour ago  (491+ words) EDPB releases reports on CEF, anonymization stakeholder workshop SRB pseudonymization case withdrawn from EU General Court CJEU clarifies personal data definition in context of pseudonymization The organizational challenges of personal data as a dual-threat asset Security obligations under GDPR still…...

1+ day, 23+ hour ago  (489+ words) US executive order will address brokers' sensitive data transfers to 'countries of concern' Data brokers, beware: Distinguishing PADFAA from the DOJ's DSP IAPP P.S.R. 2024: The blueprint to protecting US data from adversarial regimes The organizational challenges of personal data as a…...

1+ week, 6+ day ago  (559+ words) Tracking the shifts: Age assurance in motion Mind the gap: Understanding age verification and assurance Notes from the Asia-Pacific region: India looks to DPDPA compliance Notes from the Asia-Pacific region: India releases DPDPA rules, AI governance guidelines Parenting in the…...

1+ week, 6+ day ago  (410+ words) California privacy enforcement in 2026: A discussion with CalPrivacy's Tom Kemp Gaps in website opt-out functionality under the microscope in privacy enforcement There's no opting-out of universal opt-outs California Attorney General Rob Bonta announced his office reached the largest California Consumer…...

2+ week, 20+ hour ago  (720+ words) EU Digital Omnibus: Analysis of key changes EU Digital Omnibus: What the proposed changes to the concept of personal data mean in practice European Commission proposes significant reforms to GDPR, AI Act EU Digital Omnibus amendments to GDPR to facilitate…...

2+ week, 23+ hour ago  (981+ words) Notes from the IAPP Canada: Cameras are everywhere, but how should they best be governed? CJEU clarifies personal data definition in context of pseudonymization Key takeaways from the CJEU's recent automated decision-making rulings CJEU says observed personal data is collected…...

2+ week, 1+ day ago  (372+ words) Court upholds EDPB's authority after challenge from Ireland's DPC EDPB weighs in on key questions on personal data in AI models EU enforcement and guidance: A discussion with EDPB Chair Anu Talus CJEU clarifies personal data definition in context of…...

2+ week, 2+ day ago  (683+ words) FTC workshop details age verification tools, regulatory efforts Are new global age verification requirements creating a children's online safety legal patchwork? FTC finalizes COPPA Rule amendments FTC shares insight into its children's privacy priorities Verification systems are shaping how organizations…...