SypherPrivacyTalks - January 2025 - Week 3
by Sypher | Published in News - January 13, 2025
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
European Commission fined €400 over GDPR failing in landmark ruling
nationaltechnology.co.uk • 2 min read
๐ถ The General Court of the EU has ordered the European Commission to pay €400 in damages to a German citizen for breaching data protection laws.
The case concerned the Commission's use of a 'Sign in with Facebook' feature in 2022, which resulted in the improper transfer of the user's IP address to the US without adequate safeguards in place at the time.
This also creates a precedent for financial compensation to be granted to an individual for immaterial damage related to the unlawful processing of their personal data… read more
5 Trends to watch: 2025 EU data privacy & cybersecurity
๐กThe article examines the 5 key regulatory trends for 2025:
- The EU's AI law comes into force, focusing on data use, transparency and risk management.
- A new era of cybersecurity regulation with NIS2 enforcing stricter breach notification, risk management and supply chain security for critical sectors.
- The evolution of data transfers: the EU-US Privacy Framework provides a clearer path for transatlantic data flows.
- Consumer Rights: GDPR-inspired changes will strengthen consumer rights, crack down on deceptive practices, and push for greater transparency in data use.
- The Digital Markets Act will impose rules on large platforms, including interoperability and data use restrictions, intersecting with GDPR to reshape digital market practices.
EU Court rules GDPR complaints can’t be rejected based on frequency
๐ฆThe European Court of Justice (CJEU) has ruled that the frequency of GDPR complaints cannot be the sole reason for their rejection, reiterating that complaints must be 'manifestly vexatious or abusive' to be rejected.
This decision supports the rights of campaigners to pursue enforcement of the GDPR, emphasising that users have a right to demand a remedy for breaches unless abuse of the system is proven.... read more
Top 10 legal and policy issues for General Counsel in the automotive and transportation industry in 2025
squirepattonboggs.com • 5 min read
๐ The automotive and transport industries in Europe and elsewhere face significant regulatory challenges in 2025, driven by advances in technology, evolving regulations and expanding global markets.
Amongst there are: autonomous vehicle (AV) regulation; connectivity, data privacy and security; intellectual property (IP) protection or litigation, antitrust and consumer protection.… read more
EDPB publishes Guidelines on data requests from third country authorities
๐ข The EDPB's draft guidance 02/2024 clarifies how data controllers should handle requests for personal data from third countries, under Article 48 of the GDPR. Such requests are only enforceable if they are based on an international agreement, such as a mutual legal assistance treaty.
Organisations must also establish a legal basis and a reason for the transfer. The Guidelines emphasise the need for adequate safeguards in international agreements and outline alternatives, such as standard contractual clauses or specific exceptions, where no such agreement exists.
The public consultation on the Guidelines is open until 27 January 2025… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
Photo by Christian Lue on Unsplash
