Over recent years, Germany has taken significant strides in legislating accessibility for both public and private sectors. The German Disability Equality Act (BGG) laid the groundwork by providing a framework to support the participation of people with disabilities, although its application is limited to federal public authorities. Building on these efforts, Germany then introduced the […]
English Posts
GDPR and Biometric Data: The Lessons from Atlético Osasuna’s Fine
Spanish football club Atlético Osasuna introduced a facial recognition system for stadium access, sparking a GDPR complaint. The case highlights the challenges of biometric data processing, questioning its legality under the GDPR. The issue goes beyond simple convenience, raising concerns about proportionality, necessity, and fundamental privacy rights. Similar concerns arise when businesses upgrade traditional CCTV […]
France – a pioneer in accessibility legislation
Accessibility to products and services has been on the agenda of the European and Frech regulatory authorities for a long time. The goal of the accessibility legislations has been to ensure (digital) inclusivity for all, particularly for people with disabilities. This means allowing everyone to have physical access to buildings and facilities, using telecommunications and […]
Noyb complaints regarding data transfers to China
Noyb (None of Your Business), the data protection organization founded by Max Schrems, has filed complaints regarding six major Chinese companies, namely, TikTok, AliExpress, SHEIN, Temu, WeChat and Xiaomi before the data protection authorities of Italy, Greece, Belgium, the Netherlands and Austria. Mirroring the complaints filed some years ago regarding data transfers to the US, […]
News from the UK: The ICO’s Online Tracking Strategy 2025
The UK data protection authority, Information Commissioner’s Officer (ICO), has recently published news regarding their online tracking strategy for 2025. Recognizing that “being tracked online is part of daily life for most people”, in 2024 the ICO implemented a number of initiatives to enhance people’s control over how they are tracked. Among such initiatives, the […]
Netflix en de boete van 4,75 miljoen euro: Wat bedrijven kunnen leren over privacy en de AVG
Wanneer je het iconische „Tadum“, het opstartgeluid van Netflix, hoort, denk je waarschijnlijk aan je favoriete tv-serie. Maar onlangs hoorde de Autoriteit Persoonsgegevens (AP) iets anders: een oproep tot strengere naleving van de privacywetgeving. Netflix kwam onder vuur te liggen vanwege zijn privacypraktijken, wat leidde tot een onderzoek en een boete van 4,75 miljoen euro. […]
Legislation on Web Accessibility in Spain
The Spanish legislation contemplates the need to guarantee the rights of people with disabilities since the Spanish Constitution of 1978. In the framework of information technologies, the „Law 51/2003, of 2 December, on equal opportunities, non-discrimination and universal accessibility for people with disabilities“, now repealed, established a period of two years to approve the basic […]
Italian Data Protection Authority bans DeepSeek for Italian market
In the past years, the Italian Data Protection Authority (Garante per la Protezione dei dati personali) has made clear statements towards big technology companies introducing their services in Italy, prior to the verification of GDPR and Italian Data Protection Act compliance. We are referring to the Clearview case of 2022, that caused a fine of […]
AI Literacy and the Dutch Data Protection Authority’s Recommendations
Is your business ready for the AI Act? As of February 2, 2025, businesses operating in the EU must ensure that their employees are AI-literate in accordance with the AI Act. This means that anyone working with AI, whether developing, implementing, or using AI-driven tools, must have the necessary knowledge, skills, and ethical awareness to […]
Website Accessibility in Italy
Website accessibility is becoming an increasingly important topic in Italy, in particular since companies have until the 28th June 2025 to comply with the new European Accessibility Directive. In this article, we outline the Italian legal framework for website accessibility, the importance of early action, and practical steps businesses can take to ensure compliance and […]
DeepSeek AI: Understanding the Risks Before Adoption
In recent discussions about AI technologies, DeepSeek AI has emerged as a potential alternative to ChatGPT. However, before organizations consider integrating this model, it’s crucial to understand the associated risks. Below, we summarize key findings and concerns about DeepSeek AI, along with an alternative recommendation for those prioritizing data protection and transparency. Security Risks Highlighted […]
The GDPR and the AI Act: A Harmonized Yet Complex Regulatory Landscape
The European Union has recently introduced the AI Act, poised to become the cornerstone of AI governance across the EU. This groundbreaking regulation is designed to address the risks AI systems pose to health, safety, and fundamental rights, complementing the protections already established by the General Data Protection Regulation (GDPR). Together, these frameworks create a […]
Understanding China’s new Measures for the Certification of Personal Information Protection for Overseas Transfers
The Personal Information Protection Law and the Network Data Security Management Regulation, among other laws and regulations, stipulate the methods for transferring personal information overseas, including: a data transfer security assessment, a standard contract, and certification. Additionally, other conditions may permit the personal information overseas transfer. Recently, the Cyberspace Administration of China (“CAC”) released the […]
Benelux Authorities Tighten Scrutiny on DPO Appointments
Authorities in Belgium, the Netherlands, and Luxembourg are paying closer attention to how organizations appoint their Data Protection Officers (DPOs). They are especially focused on making sure DPOs can work independently, without a conflict of interest and have enough resources to do their job properly. In the Netherlands, the Dutch Authority for Personal Data (AP) […]
EDPB Issues Opinion on Personal Data Processing by AI Models
As artificial intelligence (AI) increasingly integrates into daily life, its influence on privacy continues to grow. Developing AI models often involves processing vast amounts of data, and such models are now widely involved in numerous processing activities. This trend has raised concerns about privacy, transparency, and fairness. In response to these challenges, the European Data […]