Can't find what you're looking for? Try the search bar or refine your parameters using the Frameworks & Concepts button above.
One to watch. Based on the summary of the hearing, this looks like a continuation of the CNIL’s Orange decision and of the CJEU’s SwTL v eprimo case – if so, I fear we are going down a path of bad legal precedent after bad legal precedent. As I have previously commented, the eprimo judgment […]
Part 2 of critical review of the Commission’s PayorOK decision on Meta & the DMA: now for the more GDPR-related part, on consent. As mentioned in part 1 ( https://lnkd.in/dvNKkjWk ), the European Commission (EC) draws lots from the EDPB’s Consent or Pay Opinion. [I was *very* critical of that Opinion – see https://lnkd.in/eddQ4yW8 ] […]
Not impressed. PayorOK, Meta & DMA: EU Commission says paid service is not “equivalent” to ad-funded service. The reason? You need “access to an online payment service” [§91] + the user experience (UX) is different due to other access conditions. Basically, per the decision of the Commission (EC), a choice between “pay with your wallet, […]
Many myths and exaggerations in reactions to WhatsApp’s announcement re ads. From “everything I mention in chats is used for ads” (that’s not how digital advertising works, and Meta had even made it clear message content is never used) to “all your Instagram and Facebook data is used” (while the WhatsApp announcement suggests this only […]
*facepalm* Anti-fraud measures require consent in the context of e-mail tracking? “Thanks a lot”, regulated industries will say, as there are many sectors where anti-fraud measures are *required by law*. Even in industries where this isn’t the case, requiring consent for anti-fraud defeats their very purpose. Really, which fraudster will consent to the use of […]
Some food for thought re adtech & metrics, whether you are publisher, CMP or vendor – six points based on recent discussions with a range of clients (and based on the things they need assistance with): 1. Are you sure you are involved in the processing of personal data? The notion of “personal data” has […]
Not a “what ABC taught me about privacy” thing, but a man held on for dear life to the seat in front of him as the plane banked (normally) on my flight back from a great conference in Vilnius. It did bring me back to what I had been telling the hundreds of attendees to […]
Key takeaways from a great lunch discussion on the Digital Fairness Act with European Commission officials and representatives from consumer rights / industry / SME organisations: – Businesses of all sizes should start gathering data to show to the Commission the impact that personalised advertising has had on their growth, if applicable. – The Commission […]
The Irish Data Protection Commission’s statement of 21 May 2025 “on Meta AI” (just like the judgment coming today in a German court case) provides a great excuse to talk briefly about GDPR legal grounds & AI model training, while I continue to work on the next part of my Better Regulation series (that next […]
The European Commission’s announcement that it will consider simplifying regulatory regimes, notably in relation to data and technology, seems to open Pandora’s box. Is it a chance to draw lessons from what works well and what works less well? In this series on “Better Regulation” in relation to the digital economy, I will be exploring […]
