Belgium’s new Private Investigation Act (“PIA”) was published in the Official Gazette on 6 December 2024 (fr and nl), with most of its provisions…

On 18 December 2024, the European Data Protection Board (“EDPB”) adopted its new opinion on the use of personal data for the development and…

The new Cyber Resilience Act is the first EU regulation on the cyber security of products with digital elements. This includes not only software…

The deadline for NIS2 implementation passed on 17 October, but only 6 EU Member States met that deadline, and 14 of the remaining 22…

While the GDPR imposes strict rules on sensitive data processing, gender identity does not automatically fall under this category. Only personal data revealing racial…

GDPR compliance and inclusion: striking the right balance The General Data Protection Regulation (GDPR) generally prohibits the processing of sensitive data relating to, e.g.,…

The use of Artificial Intelligence (AI) can, inadvertently, give rise to issues relating to data protection compliance and equality law. However, used properly, it…

The deadline for Member State implementation of NIS2 is less than a month away, but the majority of Member States we surveyed are likely…

In Brief The long-awaited EU AI Act was published in the Official Journal of the European Union today, 12 July 2024. The Act regulates…

Copyright 2024 International Association of Privacy Professionals. Data minimization: An increasingly global concept. Data minimization requirements are not new but they are becoming more…