Dear subscriber, 

Thank you for subscribing and being a part of DLA Piper’s Data Protection, Privacy and Cybersecurity community. We appreciate your continued engagement with our insights and the evolving nature of the landscape.

Our goal for this blog is to help you navigate all aspects of data protection, privacy, and cybersecurity laws, while considering

Continue Reading We’re now seamlessly global. Here’s what to expect. 

Authors: Eleni Alexiou, Katharina Pauls

Although key German provisions are in breach of EU law, there will only be little changes in practice – What still needs to be taken into account

On 30 March 2023, the European Court of Justice (ECJ) ruled on the requirements for national legal bases regarding employee data protection
Continue Reading Germany: ECJ ruling on employee data protection

Authors: Andreas Rüdiger, Philipp Adelberg

 On 14 February 2023, the European Data Protection Board (“EDPB”) published the updated and final version of its Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (EDPB Guidelines 05/2021).
Continue Reading EU: Final version of the EDPB-Guidelines 05/2021 on the Interplay between the application of Art. 3 and the provisions on international transfers as per Chapter V of the GDPR

Authors: Andreas Rüdiger, Philipp Adelberg

The debate on transatlantic data transfers, a possible adequacy decision for the US and the EU-US Data Privacy Framework (“DPF“) is gaining new momentum. On 14 February 2023, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs published its draft motion for a resolution regarding
Continue Reading EU – US adequacy decision: Update

Authors: Coran Darling, James Clark

In its proposed AI Regulation (“AI Act”), the EU recognises AI as one of the most important technologies of the 21st century. It is often forgotten, however, that AI is not one specific type of technology. Instead, it is an umbrella term for a range of

Continue Reading EUROPE: Data protection regulators publish myth-busting guidance on machine learning

Authors: Zoltán Kozma, Mark Almasy

The Hungarian Data Protection Authority (Nemzeti Adatvédelmi és Információszabadság Hatóság, NAIH) has recently published its annual report in which it presented a case where the Authority imposed the highest fine to date of ca. EUR 670,000 (HUF 250 million).

The case involved the personal data processing of


Continue Reading Hungary: Record GDPR fine by the Hungarian Data Protection Authority for the unlawful use of artificial intelligence

By: Heidi Waem, Simon Verschaeve

The European Commission today presented its second instrument in the European Data Strategy; a “Regulation on harmonised rules on fair access to and use of data”, better known as the Data Act. After the adoption of the Digital Governance Act (DGA) at the end of 2021, which essentially defines
Continue Reading EU Regulatory Data Protection: A first appraisal of the European Commission’s proposal for a ‘Data Act’