On November 19, the European Commission (EC) released its EU Digital Omnibus proposal – a 153-page document accompanied by an explanatory memorandum and a Staff Working Document. This proposal introduces amendments, deletions, and replacements to several cornerstone EU digital laws, including: The GDPR. The Data Act. The AI Act. The ePrivacy Directive. Other instruments such […]
EU Data Protection
European Commission Moves to Extend Free Flows of Personal Data to the UK
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK to continue until December 2025. The existing adequacy decision – which was adopted in 2021 in […]
EDPB Adopts Opinion on the Use of Processors and Sub-processors
On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised application of the EU GDPR across the European Economic Area (“EEA”) and is comprised of the heads of the data […]
Dutch Data Protection Authority Warns that Using AI Chatbots Can Lead to Personal Data Breaches
On August 6th, the Dutch Data Protection Authority (DPA) issued guidance cautioning companies about the potential data protection risks associated with the use of Artificial Intelligence (AI)-powered chatbots. In its guidance, the DPA reports that it has recently received several notifications of personal data breaches caused by employees sharing personal data with a chatbot that […]
International Data Transfers: Lessons from the EDPB’s “101 Task Force”
In August 2020, privacy activist organization NOYB – European Center for Digital Rights filed 101 complaints with the EU Supervisory Authorities (‘SAs’) in connection with the transfer of personal data from Europe to the U.S., by companies that had implemented “Google Analytics” and “Facebook Business Tools” on their websites. Following these complaints, the European Data […]