Blog

AI Age Verification: Big Tech’s Risky Fix for GDPR Violations

One-third of GDPR fines are related to the misuse of children’s data. Big tech companies have yet to implement appropriate measures to safeguard them. In response, major platforms like Google and TikTok are planning to use AI age verification to deduce the age of their users. This is done by deducing their age based on […]

Data protection digest 3-17 Mar 2025: Combining FRIA with DPIA is possible, but not once the development of an AI system has begun

FRIA and DPIA: Before deploying a high-risk AI system, the organisations shall assess the impact that the use of such a system may have on fundamental rights, explains the Croatian data protection regulator AZOP. For this purpose, private and public entities shall carry out an assessment containing: If both a FRIA and a DPIA need […]

Self-Hosting AI: For Privacy, Compliance, and Cost Efficiency

Self-hosting AI models is the future of privacy and compliance. By hosting AI models on personal hardware, individuals and businesses can improve data security while meeting strict regulations like the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA). Most people use hosted artificial intelligence (AI) services such as ChatGPT […]

Data protection digest 16 Feb – 2 Mar 2025: Data Act to strengthen EU digital market, vigilance over US data transfers

The Data Act is almost here: In February, the European Commission published a set of updated technical FAQs on the implementation of the legal provisions of the Data Act, applicable as of 12 September 2025. It enhances data sharing and enables a fair distribution of data value by establishing clear rules related to […]

Data protection digest 1-15 Feb 2025: an employer can’t track alleged ‘inactivity’ of workers via screengrabs and constant video monitoring

Constant video monitoring and screengrabs at work: A company that used software designed to account for times of alleged “inactivity” and grabbed frequent photos of its employees’ computer screens was fined 40,000 euros by the French data protection regulator CNIL. The staff members were also continuously videotaped, both visually and audibly. In particular, the company […]

Understanding the Five Pillars of the DORA

In today’s increasingly interconnected financial landscape, the need for robust digital resilience has never been greater. Recognizing this, the European Union has introduced the Digital Operational Resilience Act (DORA), a landmark regulation designed to standardize and strengthen ICT risk management across the financial sector. The DORA mandates specific technical standards, capabilities, and outcomes to ensure […]

Upcoming Webinar: The Trump Effect on EU-US Data Transfers

TechGDPR invites you to another insightful live discussion, The Trump Effect. Join our new Senior Consultant and former Information Commissioner, Stewart Haynes, alongside our Managing Partner, Silvan Jongerius, for an in-depth examination of how U.S. policies under the Trump administration have influenced EU-US data transfers and the broader regulatory landscape. Why You Should Attend Transatlantic […]

Data protection digest 16-30 Jan 2025: The intersection of information and operational technologies in the health sector

EU Health sector: The Commission presented an EU Action Plan to improve health sector cybersecurity. It will include hospitals, clinics, care homes, rehabilitation centres, various healthcare providers, the pharmaceutical, medical and biotechnology industries, medical device manufacturers, and health research institutions. A significant challenge for the cybersecurity of the health sector is the intersection of information […]

Navigating the DORA – The Digital Operational Resilience Act (DORA) – A high level overview and Gap Analysis

In today’s rapidly evolving digital landscape, the financial sector faces unprecedented challenges in maintaining operational resilience against cyber threats and technological disruptions. To address these concerns, the European Union has introduced the Digital Operational Resilience Act (DORA), a groundbreaking regulation set to transform the way financial entities and their ICT service providers manage digital risks. […]

Data protection digest 1-15 Jan 2025: mobile app permissions should work in conjunction with consent requirements – CNIL

Mobile app permissions: Technical permissions in mobile apps are very useful for privacy, explains the French regulator CNIL. They allow users to block access to certain data technically. However, these permissions are not designed to validate users’ consent, within the meaning of the GDPR. Even when consent is required, a simple request for permission does […]
