The CJEU has decided that the maximum thresholds for GDPR fines should be calculated using the global turnover of the broader corporate group, not solely the infringing entity. The penalties ...

The ruling in part reflects a tension between how biometrics are often used in practice and the definition of biometrics as “special category data” under GDPR.

The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a daily average of 443 in 2025, according to DLA Piper. The global law firm has been analyzing GDPR ...

Fines for violations of the European Union's landmark privacy law have soared nearly sevenfold in the past year, according to new research. EU data protection authorities have handed out a total of $1 ...

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care ...

Data protection authorities imposed over €1 billion in fines in 2024, but activists complain that violations of the law far too rarely result in penalties. Data protection authorities in Europe ...

Vanta outlines crucial GDPR compliance steps for startups, emphasizing ethical data management, legal requirements, and customer trust.

While Europe champions stringent data protection, its companies are outsourcing sovereignty to Silicon Valley, where profit often trumps privacy Regolo highlights. If a German retailer uses a popular ...

Even though 88% of businesses spend over €1 million on GDPR compliance and 40% invest up to €10 million, 80% of their employees still ignore basic password security practices. The formal risk is ...

Microsoft deputy general counsel Julie Brill spoke with European Data Protection Board chairwoman Andrea Jelinek about lessons learned from the GDPR one year in and ...