GDPR
Filter by...
-
Council’s General Approach on GDPR Procedural
EDRi acknowledges the Council’s positive steps in their General Approach on the Proposal for additional procedural rules concerning the GDPR. Nevertheless, we emphasise the pressing need for enhanced legal certainty and the prevention of actions that could compromise the effectiveness of GDPR enforcement and erode trust, particularly concerning the protection of fundamental rights.
Read more
-
Position paper: GDPR enforcement done right
There is an urgent need to enhance legal certainty and prevent actions that undermine the effectiveness of and trust in GDPR enforcement. EDRi and Access Now have co-drafted a position paper on the EU Proposal for additional procedural rules concerning the General Data Protection Regulation (GDPR).
Read more
-
Open letter: Modernised ePrivacy legislation must protect fundamental rights
Today, 24 April, EDRi and 13 organisations call for robust legislation to complement and particularise the General Data Protection Regulation (GDPR), and call upon the next European Commission to include comprehensive plans for reforming the European Union’s ePrivacy legislation.
Read more
-
Greek Ministry of Asylum and Migration face a record-breaking €175,000 fine for the border management systems KENTAUROS & HYPERION
On 3 April, the Greek Data Protection Authority (DPA) slapped the Ministry of Asylum and Migration with a record-breaking €175,000 fine under the General Data Protection Regulation for the border management systems KENTAUROS and HYPERION. The DPA’s investigation started back in 2022, following a strategic complaint filed by the EDRi member Homo Digitalis and its partners in Greece.
Read more
-
Europe’s highest court delivers landmark judgment against IAB Europe in GDPR consent spam pop-ups case
The Court of Justice of the European Union's landmark decision on March 7, 2023, against the auctioning of personal data for advertising purposes under the General Data Protection Regulation (GDPR) challenges the legality of invasive tracking and profiling in the context of online advertising. It marks a significant victory for privacy advocates and sets a precedent for the protection of personal data in the digital era.
Read more
-
Open letter: Digital rights advocates unite against Meta’s “Pay or Okay”. Privacy and data protection are NOT for sale
In response to three Data Protection Authorities (DPAs) requesting a European Data Protection Board (EDPB) opinion on Meta's 'Pay or Consent' approach, Access Now, the EDRi office and other EDRi members have united in an open letter urging the Board to reject these subscription-based approaches unequivocally.
Read more
-
The privacy saga with Norwegian Social Service continues
We promised you an update to Janne Cecilie Thorenfeldt’s case taking the Norwegian Labour and Welfare Administration (NAV) on the European Court of Human Rights (ECHR). Since EDRi member Elektronisk Forpost Norge (EFN) reported about the massive GDPR violations of the Service, here is what happened.
Read more
-
GDPR enforcement: European Parliament must guarantee procedural rights to ensure people’s data protection
While it is a step forward in better enforcing the General Data Protection Regulation (GDPR), the European Parliament’s current GDPR Procedural Harmonisation Regulation text is still not enough to safeguard the fundamental rights of people. Today, February 15, the text was approved in the Committee for Civil Liberties, Justice and Home Affairs (LIBE), laying out the blueprints for enhanced procedures for cross-border GDPR complaints and ex-officio investigations.
Read more
-
Norwegian Social Service guilty of massive GDPR violations
Janne Cecilie Thorenfeldt, living in Norway, discovered that her employer which is also the Norwegian Social Service violated her data protection rights. So she took them to court. Read on to learn what happened.
Read more
-
The UK data bridge: a sneak peek at the UK privacy race to the bottom to come
The UK extension to the EU – US Transatlantic Data Privacy Framework will come into force on 12 October. Its adoption provides a sneak peek at the future of UK international data transfers, and the erosion of essential guarantees against surveillance measures that the UK data protection reform would bring.
Read more
-
Meta pledges to ask EU users for consent before showing behavioural ads
In a surprise announcement last Tuesday, Meta made the long overdue promise to finally ask its users for their consent before showing them behavioral ads – at least if they live in the European Union, EEA or Switzerland.
Read more
-
Spotify gets fine of € 5 Million for GDPR violations
Following an EDRi member noyb complaint and litigation over inactivity, the Swedish Data Protection Authoirty (IMY) has issued a fine of 58 Mln Swedish Crown (about € 5 Million) against Spotify.
Read more