Categorie: Data Protection

Data Protection

EDPB Guidelines on Blockchain and GDPR Compliance: Key Considerations for Data Controllers

The EDPB has issued draft guidelines to clarify how the GDPR applies to blockchain technologies. The European Data Protection Board (EDPB) has issued draft Guidelines to provide clarity on the application of the GDPR to blockchain-based processing operations. While blockchain technologies offer benefits in transparency, decentralisation, and resilience, their technical characteristics pose considerable challenges to

Spain’s Proposed Child Online Safety Law introduces major new compliance obligations for Digital Service Providers

Spain has introduced a far-reaching legal framework to protect minors online, requiring businesses to adopt proactive compliance with new digital safety and data protection obligations. Spain is advancing comprehensive legislative reforms aimed at strengthening protections for children and adolescents in the digital environment. The proposed Ley Orgánica de protección de menores en entornos digitales (Organic

ICO’s 2025 Anonymisation Guidance: Turning Personal Data into a Privacy Asset

Explore how the ICO’s March 2025 guidance helps organisations use anonymisation to unlock data value while meeting UK GDPR compliance and strengthening accountability. As the prevalence of data-driven innovation increases, organisations must ensure that this data is being handled with the necessary level of responsibility, which for some data means that anonymisation is necessary. On

COPPA Compliance in 2025: What Businesses Need to Know About Child Safety Laws

COPPA compliance is paramount for companies operating in the U.S. as this legislation remains a critical law for protecting children’s privacy. The Children’s Online Privacy Protection Act (COPPA) remains one of the most important legal safeguards in the United States, designed to protect children under 13 years old from online data collection without parental consent.

California’s Age-Appropriate Design Code: A push for increased online safety for children

California introduced the Age-Appropriate Design Code Act aimed at enhancing child online safety and data privacy.   California’s Age-Appropriate Design Code Act (CAADCA) was introduced as a groundbreaking law aimed at strengthening online protections for children under 18. Signed into law in September 2022 by Governor Gavin Newsom, the CAADCA was modeled after the UK’s

The UK’s Children’s Code: Update for businesses processing children’s data

The ICO has provided recommended business practices for businesses processing children’s data in the UK, to ensure compliance with the UK’s Children’s Code.   The UK’s Children’s Code (also known as the Age-Appropriate Design Code) sets out key data protection requirements for online services that process children’s personal data. Enforced by the Information Commissioner’s Office

Children’s Data Privacy Practices fuel investigations into various businesses

The UK’s ICO launched investigations into TikTok, Reddit, and Imgur over Children’s Data Privacy Practices. The UK’s Information Commissioner’s Office (ICO) has launched an investigation into the data privacy practices of TikTok, Reddit, and Imgur, focusing on how these platforms handle the personal information of children. The probe aims to determine whether these companies comply

Pseudonymisation guidelines adopted by the EDPB, along with steps to enhance collaboration with competition authorities

The EDPB released new guidelines on pseudonymisation and a position paper on data protection and competition law to strengthen GDPR compliance. In January 2025, the European Data Protection Board (EDPB) made a significant regulatory announcement during its plenary meeting, by adopting new pseudonymisation guidelines, as well as issuing a position paper on the interplay between

The ICO provides tips on data protection

Prioritizing data protection for your business in 2025: ICO provides tips As you undertake business operations this year, there’s one crucial element that shouldn’t be overlooked—data protection. Getting data protection right from the start will not only ensure compliance with data privacy laws but also help you build trust with customers, suppliers, and partners alike.

CNIL imposed a fine of €240,000 on KASPR for multiple GDPR violations

CNIL of France has imposed a fine of €240,000 on KASPR for multiple GDPR violations linked to the unlawful collection and retention of personal data.  KASPR, a company offering a Chrome extension to extract professional contact details from LinkedIn and other online sources, has faced regulatory action for its practices. Through its database of approximately