Data Privacy

ICO Decision Notice: FOI Complaint Against London Borough of Croydon

The UK's Information Commissioner's Office (ICO) has upheld a Freedom of Information (FOI) complaint against the London Borough of Croydon. The authority failed to respond to a request within the statutory 20 working days. The ICO has ordered the council to respond within 30 calendar days.

Garante Privacy Sanctions Aldilapp, Halts Non-Compliant Cameras

The Italian Garante Privacy has sanctioned Aldilapp and its distributors for non-compliant digital cemetery services, halting the use of non-compliant cameras. The authority also approved a delegation management platform and expressed global concerns regarding AI-generated intimate content.

DSA Transparency Reports Clarify Content Moderation

The EU has published harmonised transparency reports under the Digital Services Act (DSA), standardising content moderation data reporting for online services. This follows the adoption of an Implementing Regulation in July 2025, with the first reports due by March 2026.

CNIL Closes Order Against KASPR Following GDPR Violations

The CNIL has closed an order against KASPR, originally issued on December 5, 2024, which included a €240,000 fine for GDPR violations related to data collection from LinkedIn. KASPR has demonstrated compliance with the corrective measures, leading to the closure of the order and the non-liquidation of a potential daily penalty.

AEPD Fines ORNITOLÓGICA DE ANDALUCÍA FOA 131,801 Euros for GDPR Violation

The Spanish Data Protection Agency (AEPD) has issued a resolution imposing a fine of 131,801 euros on ORNITOLÓGICA DE ANDALUCÍA FOA for a data breach. The violation involved the mass emailing of personal data, including names and national identification numbers, to federated associations and individuals.

AEPD Archives Proceedings Against Orange Spain Regarding Portability

The Spanish Data Protection Agency (AEPD) has archived proceedings against Orange Spain concerning a data portability issue. A consumer filed a complaint alleging unauthorized portability of their fixed-line number, leading to service suspension and subsequent restoration. The AEPD closed the case after reviewing the evidence and Orange's response.

Reddit v. Autoriteit Persoonsgegevens - Data Protection Proceedings

The District Court in The Hague rejected Reddit's legal claims against the Dutch data protection authority (AP) regarding an investigation into unlawful personal data processing. The AP is continuing its investigation into whether Reddit unlawfully shared user data with algorithm developers.

Dutch DPA warns generative AI risks becoming wild west

Dutch DPA warns generative AI risks becoming wild west

Dutch DPA Cookie Policy Campaign

The Dutch Data Protection Authority (AP) has launched a public campaign urging organizations to review and improve their cookie policies. The campaign provides guidelines and aims to raise awareness about data collection practices and privacy risks associated with website cookies.

AP Warns Users: TikTok Continues to Send Personal Data to China

The Dutch Data Protection Authority (AP) has warned users that TikTok continues to transfer personal data to China, despite a ruling by European privacy regulators deeming such transfers unlawful. The AP advises users and organizations to reconsider their use of TikTok and similar services.