Do (re)watch our 53-minute civilised, proper debate on some of the key GDPR parts of the Digital Omnibus proposal! From the notion of “personal data” to special categories of data, AI development & training and even scientific research, a lot of ground covered from two perspectives. [I had a few awkward moments of the “unmute” […]
From fishing (instead of the GDPR) to a random “v” having appeared instead of a few words (a typo upon deletion?), the Commission’s GDPR & Data Act Omnibus feels like a rushed document. But what does it cover really? I’m focussing here on GDPR & ePrivacy: – Personal data definition: I like the idea of […]
If the European Commission unveils the (final) full Digital Omnibus proposals on 19 November, what will they cover? Many of us will discuss this during panels at the IAPP conference, but those might be gut reactions depending on the timing of the publication by the Commission. Glad to announce that I will be exchanging on […]
Really interesting insights from Greet Gysen from the EDPB at the Nordic Privacy and Innovation Summit in Stockholm. Part of the consequences of the “Helsinki statement” adopted by the European Data Protection Board are that the EDPB will be consulting stakeholders more in advance – this much we knew already. She also highlighted that the […]
Hopefully thought-provoking? My keynote on “Personal Data in a Digital World: What Are We Protecting?” kicked off the Nordic Privacy & Innovation Summit 2025 today in Stockholm. Among my topics: SRB, OT, ePrivacy, AI and AI model training, plus how to make the GDPR more workable (see slides, which show that data protection involves a […]
On some topics our views may differ, but on the future of data protection rules, I find that Mark and I are pretty aligned. Dr M.R. (Mark) Leiser’s comments come from the observation that the law needs to *make sense* to be effective, and where the law isn’t the problem to start with but its […]
Privacy-enhancing technologies: “death by ePrivacy”? PETs were on the agenda of the IAPP DPC24 in Brussels this week, but few talked about the dangers to PETs caused by evolving positions of regulators. PETs (for ads with less data, content-focussed analytics, etc.) are being worked on by companies of all backgrounds and sizes and touted as […]
GDPR & Data Act Digital Omnibus: this is *NOT* the final version we expect the Commission to publish in two weeks (already made public by some outlets such as Contexte). But this way anyone keen on reading in more detail the points I summarised and commented in my previous post on the GDPR aspects (see […]
Key points from (& thoughts on) draft GDPR Digital Omnibus: First, Art. 4(1) GDPR would be completed with an SRB-like statement (great news), plus a mitigation of abusive interpretation of the Scania judgment (also great news). Art. 4(15) on “data concerning health” would also finally be more specific, avoiding some of the more awkward and […]
Some thoughts on today’s EDPB “Pay or Consent” stakeholder event – in practice one about the future of GDPR enforcement, consent, adtech and even the future of the Internet: – At times, things got heated in our breakout room between two camps, typically privacy rights campaigners + contextual ad solution providers on the one hand […]