Guide on Recording Workplace Meetings Legally
CNPD Luxembourg published thematic guidance clarifying the legality of audio recording workplace meetings in the private sector. The guide addresses frequently asked questions about using recordings to facilitate minute-taking and ensure accurate transcription of discussions. This guidance applies to companies, associations, and private organizations but explicitly excludes public sector entities.
CNPD Sponsors EschTechWeek 2026 AI Event in Esch-sur-Alzette
The Luxembourg Commission nationale pour la protection des données (CNPD) sponsored EschTechWeek 2026, held March 23-28, 2026 in Esch-sur-Alzette. As an official sponsor, the CNPD participated in activities including a mock Tech Supreme Court on AI ethics, a youth workshop on AI risks and promises, and a facility tour highlighting its data protection mission. The event focused on responsible AI development and digital trust.
European Complaint Handling Workshop on GDPR Cooperation
CNPD Luxembourg hosted a 3-day European workshop (March 25-27, 2026) on data protection complaint handling, bringing together representatives from the EDPB and 24 EU data protection authorities. The workshop focused on harmonizing complaint handling procedures under the GDPR through shared best practices.
Information Leaflet on eHealth Patient Data Privacy for Healthcare Professionals
The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong published an information leaflet to assist healthcare providers and professionals in complying with the Personal Data (Privacy) Ordinance (PDPO) when handling patient data through the eHealth System. The leaflet covers requirements for data collection, accuracy, security, direct marketing prohibitions, and data access requests, with practical guidance and recommended good practices.
AI Security and Cybersecurity Summit for Enterprises
The Privacy Commissioner for Personal Data Hong Kong and HKIRC co-hosted an AI Security and Cybersecurity Summit on March 31, 2026, attracting over 620 corporate representatives. Government officials delivered opening remarks on Hong Kong's AI development strategy and governance framework, including the Ethical Artificial Intelligence Framework and Generative AI Technical Guideline.
Proposed FOIA and Privacy Act Regulations
The Office of the National Cyber Director (ONCD) published a notice of proposed rulemaking establishing its first Freedom of Information Act (FOIA) and Privacy Act regulations. These regulations will govern ONCD's procedures for processing public records requests and handling personal data under the Privacy Act. Public comments are accepted until May 15, 2026.
GDPR Appeal Inadmitted - Complainant Lacks Standing
The AEPD issued Resolution EXP202500572 declaring a recurso de reposición inadmissible because the appellant, as a mere complainant under Article 77.2 GDPR, lacked the legal standing to appeal. The decision cites Supreme Court precedent establishing that complainants have neither subjective rights nor legitimate interests in obtaining sanctions against those they denounce.
First FOIA and Privacy Act Regulations
The Office of the National Cyber Director (ONCD) has released its first proposed Freedom of Information Act (FOIA) and Privacy Act regulations for public comment. The regulations establish ONCD's procedures for processing FOIA requests and managing Privacy Act records. Comments on the proposed rule are due May 15, 2026.