Privacy and data protection
Privacy and data protection are essential for us to live, connect, work, create, organise and more. Governments and companies have long used mass surveillance for control trying to legitimise snooping for health, security or other reasons. The near-total digitisation of our lives has made it easier to control, profile and profit from our attention, data, bodies and behaviours in ways that are very difficult for us to understand and challenge. European data protection standards such as the GDPR are a good step forward but we need more to effectively ensure enforcement and protection against unlawful surveillance practices.
Filter resources
-
EDRi-gram, 15 April 2026
What has the EDRi network been up to over the past few weeks? Find out the latest digital rights news in our bi-weekly newsletter. In this edition: Cracking the egg shells: what's inside the latest in EU digital rights?
Read more
-
Europe shouldn’t “move fast and break things” with fundamental rights
The Digital Omnibus proposals, presented as “simplification,” risk weakening essential safeguards in the GDPR, the ePrivacy Directive, and the AI Act. By reducing protections and delaying obligations for high-risk systems, they introduce a logic reminiscent of the tech industry’s “move fast and break things” approach. In digital infrastructures built on large-scale data processing and automated decision-making, however, mistakes do not simply disappear. They become part of the system. This is why regulation is essential to protect people’s rights.
Read more
-
Open Letter: EU lawmakers must safeguard the AI Act
41 organisations and experts are calling on the European Commission, the European Parliament, and the Council to reject the AI Omnibus, and honour their responsibility in upholding and safeguarding the integrity of the AI Act and its implementation without delay.
Read more
-
The Court of Justice of the European Union condemns France’s police profiling practices
On 19 March 2026, the EU court ruled that France's law allowing law enforcement data collection is disproportionate and in violation of EU rules, as raised by public interest groups like La Quadrature du Net. This is another illegal feature in the French police databases, which must be urgently dismantled.
Read more
-
The Digital Omnibus reopens the EU data acquis before it has even been tested
The Digital Omnibus not only targets the GDPR, ePrivacy and AI rules, but also rewrites the EU’s data acquis by merging recent laws into the Data Act. These changes risk weakening safeguards, concentrating power, and creating uncertainty before the framework has even been implemented in practice.
Read more
-
How can the EU protect children online while dismantling the very rules designed to keep them safe?
Protecting children online has become one of the most powerful political narratives in Brussels, yet proposals like the Digital Omnibus risk weakening the very safeguards that make this protection possible. This is a contradiction: can children truly be protected if the rules designed to keep them safe are being dismantled?
Read more
-
#PrivacyCamp25: Event summary
On 30 September 2025, policymakers, activists, human rights defenders and academics from Europe and beyond gathered in Brussels and online for Privacy Camp 2025. Together, we explored the theme Resilience and Resistance in Times of Deregulation and Authoritarianism.
Read more
-
A practical guide to joint investigations: lessons learned from one year of the Civic Journalism Coalition
One year ago, EDRi, European Center for Not-for-Profit Law (ECNL) and Lighthouse Reports launched the Civic Journalism Coalition with the aim of connecting investigative journalists with digital rights and civil society organisations. Today, that partnership is yielding tangible results, from journalistic investigations to a new practical guide for collaboration. Here is an overview of the activities - investigations, workshops and community-building efforts - that have shaped the Coalition.
Read more
-
EDRi-gram, 1 April 2026
What has the EDRi network been up to over the past few weeks? Find out the latest digital rights news in our bi-weekly newsletter. In this edition: Rushing, forcing, squeezing – EU’s deregulation & securitisation agenda makes a joke of our rights
Read more
-
Predatorgate: Breaking the chain of impunity of the spyware underworld
Greek courts have issued a landmark criminal first-instance conviction in the Predatorgate scandal, finding four individuals linked to the spyware vendor Intellexa guilty of unlawful surveillance, with cumulative sentences of 126 years and 8 months. Courts must now establish responsibility for who ordered this espionage. The case also resonates across the EU, challenging the widespread impunity of vendors and intensifying the calls for a ban on spyware.
Read more
-
EDRi-gram, 18 March 2026
What has the EDRi network been up to over the past few weeks? Find out the latest digital rights news in our bi-weekly newsletter. In this edition: To scan or not to scan, EU lawmakers ask
Read more
-
Artificial Insecurity: how AI tools compromise confidentiality
Whatever you think about the promises or perils of AI, it’s becoming increasingly impossible to ignore that these tools are beset by glaring security vulnerabilities. From exposing user data to facilitating hacks, from undermining information integrity to creating supply chain vulnerabilities, AI tools are underpinned, and undermined, by dodgy security practices. As we’ll explore in this series, this has grave consequences for the confidentiality of our data, for information integrity, and for access to and availability of systems — all problems that a human rights-respecting approach can help solve.
Read more