Data Protection Insider Blog

Data Protection Insider

Welcome to Data Protection Insider, your biweekly digest of the latest developments in EU data protection law. Each issue brings you insightful analysis of recent court rulings, legislative updates and regulatory changes that impact data protection across the European Union. Stay informed and deepen your understanding of the evolving data protection legal landscape with our biweekly updates.

Subscribe now!

Data Protection Insider, Issue 136

Editor’s note: owing to the lack of case–law in the past two weeks, we have decided to report on other relevant EU data protection law news, certain of which dates back beyond two weeks. -VIS SCG Activity Report 2023-2024 Published- On 26th June, the EDPB published the Activity Report of the Visa Information System (VIS) Supervision Coordination Group (SCG) for […]

Data Protection Insider, Issue 135

-CJEU: Inadmissibility Decision on Case concerning Access to Judicial Documents- On 5th June, the CJEU declared the preliminary ruling questions in SQ, from a Bulgarian court inadmissible. However, the Court indicated under which conditions the questions can be made admissible and, thus, we presume that in the future the same questions might become the subject to a new preliminary ruling […]

Data Protection Insider, Issue 134

-ECtHR Reiterates That Police Processing of Personal Data Has to Follow Strict Conditions for Legality- On 27th May, the ECtHR repeated its case law on the processing of personal data by the police and the strict conditions for this in Selishcheva and Others v Russia. As to the facts of the case, the applicants were individuals who were members of […]

Data Protection Insider, Issue 133

-CJEU Rules on Status of EDPB Opinion on Consent or Pay- On 29th April, the CJEU ruled in the case of Meta Platforms Ireland Ltd v. European Data Protection Board. In essence, the case concerned the EDPB’s Opinion 8/2024, issued ‘under Article 64(2)’ of the GDPR at the request of three supervisory authorities – those of Norway, the Netherlands, and […]

Data Protection Insider, Issue 132

-CJEU: National Courts Authorising Personal Data Disclosure Are Not Data Controllers- On 30th April, the CJEU clarified the application of several GDPR provisions to the functions of judicial supervisory bodies (the Inspecotrate in Bulgaria, in casu) and national courts which are called to authorize the disclosure of asset information of prosecutors, investigators, judges and their family members to the Inspectorate […]

Data Protection Insider, Issue 131

-CJEU: Disclosure of Identifiable Information Constitutes Processing of Personal Data and Should not be made Impossible- On 3 April, the CJEU ruled in L.H. v Ministerstvo zdravotnictví that the disclosure of the names, signature and contact details of natural persons acting on behalf a legal person constitutes the processing of personal data and that a requirement in national law which […]

Data Protection Insider, Issue 130

-CJEU: Public Registers Have to Rectify Incorrect Gender Data Without Proof of Gender Reassignment Surgery- On 13th March, the CJEU held that an asylum register has to rectify the gender data of a refugee without requiring proof of gender reassignment surgery, in VP v Országos Idegenrendészeti Főigazgatóság (Deldits). As to the facts of the case, the applicant in the main […]

Data Protection Insider, Issue 129

-CJEU: The Logic of Profiling Technologies Should be Transparent, Even Where Trade Secrets Are Concerned- On 27th February, the CJEU ruled that profiling agencies should be transparent about the logic involved in profiling technologies and should disclose details about it at least to DPAs and courts, even where their trade secrets might be at stake, in CK v Magistrat der […]

Data Protection Insider, Issue 128

-CJEU: Broad Interpretation of ‘Undertaking’ When Calculating Fines- On 13th February, the CJEU ruled that when the maximum amount for fines for GDPR infringements are calculated, ‘the undertaking’s total worldwide annual turnover in the preceding business year’ has to be taken into account, irrespective of whether the fine is imposed by a DPA or by a criminal court, in ILVA […]

Data Protection Insider, Issue 127

-CJEU General Court: EDPB May Order a National DPA to Broaden the Scope of Investigations and Issue a New Decision- On 29th January, the General Court dismissed the action submitted by the Irish DPC against the EDPB in which the Irish DPC sought the annulment of the EDPB’s decision that the Irish DPC should broaden the scope of its investigations […]
DPI Editorial Team

Dara Hallinan, Editor: Legal academic working at FIZ Karlsruhe. His specific focus is on the interaction between law, new technologies – particularly ICT and biotech – and society. He studied law in the UK and Germany, completed a Master’s in Human Rights and Democracy in Italy and Estonia and wrote his PhD at the Vrije Universiteit Brussel on the better regulation of genetic privacy in biobanks and genomic research through data protection law. He is also programme director for the annual Computers, Privacy and Data Protection conference.

Diana Dimitrova, Editor: Researcher at FIZ Karlsruhe. Focus on privacy and data protection, especially on rights of data subjects in the Area of Freedom, Security and Justice. Completed her PhD at the VUB on the topic of ‘Data Subject Rights: The rights of access and rectification in the AFSJ’. Previously, legal researcher at KU Leuven and trainee at EDPS. Holds LL.M. in European Law from Leiden University.

Subscribe to our newsletter for updates on legal developments, upcoming conferences, workshops, and publications in your areas of interest.

Newsletter: Subscribe now