SypherPrivacyTalks - February 2025 - Week 7
by Sypher | Published in News - February 10, 2025
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
European Commission's AI Code of Practice and Training Data Summary Template
jonesday.com • 5 min read + Template
๐The European Commission has introduced a new template for summarising training data in general-purpose AI models, strengthening transparency and copyright compliance under its AI regulatory framework.
Providers will have to document data sources and processing methods, while protecting trade secrets. The template and guidelines will be adopted in the second quarter of 2025, with the new general-purpose AI rules coming into force on 2 August 2025.… read more
Consult the Template for the summary of training data here.
GDPR fine at Omniasig: Collaborator cashed money for non-existent claims
๐ถ Omniasig Vienna Insurance Group (VIG) has been fined €3,000 after an employee of a partner company accessed insured customers' data to fraudulently claim compensation for fake incidents.
Romania's data protection authority investigated the breach, which Omniasig itself reported under GDPR rules. The investigation found unauthorised access to personal, medical and financial data due to inadequate security measures. Omniasig was also ordered to take corrective action.… read more (article in Romanian)
Decision on next EU privacy chief postponed to March
๐ณ๏ธ EU lawmakers are still deciding on the next European Data Protection Supervisor (EDPS). The European Parliament is backing Commission official Bruno Gencarelli, while EU member states are supporting the current EDPS, Wojciech Wiewiórowski, whose mandate expired in December.
A decision is expected in March.... read more
Luxembourg: National Commission for Data Protection adopted guidelines on use of DeepSeek
๐จ On 3 February 2025, the Luxembourg National Commission for Data Protection (CNPD) issued guidelines on DeepSeek R1, warning of data protection risks. The AI tool, developed in China, lacks GDPR compliance, data security safeguards and an EU-based legal representative, limiting users' rights.
The CNPD advised against using DeepSeek … read more (article in French)
Hellenic DPA investigates AI application & spyware data breach amid growing European scrutiny
๐ต๏ธโ๏ธ The Greek Data Protection Authority (DPA) has launched two major investigations. One is looking into whether the DeepSeek AI application complies with the GDPR, while the other is investigating a spyware breach affecting WhatsApp users in Greece.
DeepSeek may face challenges in the future. If the Greek investigation confirms violations, the company could face bans or significant fines, similar to its experience in Italy… read more
Official announcement here (article in Greek).
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
Photo by Solen Feyissa on Unsplash
