EU data protection

EU data protection

The groups cite a "high volume" of data errors linked to the eVisa scheme, which they say amount to both operational failures and serious data protection breaches. In one documented case referenced in the letter, the passport details, contact information, and immigration status of a Canadian citizen were wrongly disclosed to a Russian woman. Other failures have seen migrants locked out of their eVisa accounts, with no effective support from the Home Office and no clear way to escalate urgent issues.

"We know frontline staff want to get this right but are struggling with lack of resource and guidance. Improving this process starts at the beginning - when a child enters the care system, their information should be recorded with their rights in mind, knowing that they may request it later," he said in a statement.

The explosive growth in AI usage represents the single greatest operational threat to organizations, putting intellectual property (IP) and customer data at serious risk. While AI adoption is growing rapidly, enterprises are increasingly exposed to risks related to data security, third‑party AI tools, shadow AI usage, and governance issues. When sensitive IP or Personally Identifiable Information (PII) is entered into unsanctioned AI systems, the data may be used for model training, stored externally, or exposed in unexpected ways, leading to compliance, IP, and reputational risk.

Britain's data protection regulator issued 17 preliminary enforcement notices and sent warning letters to hundreds of website operators throughout 2025, a pressure campaign that brought 979 of the UK's top 1,000 websites into compliance with cookie consent rules and gave an estimated 40 million people-roughly 80% of UK internet users over age 14-greater control over how they are tracked for personalized advertising.

After a years-long battle, the European Commission's "Chat Control" plan, which would mandate mass scanning and other encryption-breaking measures, at last codifies agreement on a position within the Council of the EU, representing EU States. The good news is that the most controversial part, the forced requirement to scan encrypted messages, is out. The bad news is there's more to it than that.

From a consumer perspective, knowing that if something is made in Europe, there will not be arsenic in it, there's that trust that is important,

OVH has a Canadian arm, which was the jumping-off point for the courts, but OVH Group is a French company, so the data in France should be protected from prying eyes. Or perhaps not. Rather than using established Mutual Legal Assistance Treaties (MLAT) between Canada and France, the RCMP sought direct disclosure through OVH's Canadian subsidiary. This puts OVH in an impossible position. French law prohibits such data sharing outside official treaties, with penalties up to €90,000 and six months imprisonment.

"serious indications that indeed Shein may be posing more systemic risks for our consumers across the entire European Union,"

Join over 200 experts from across Europe for a compelling three-day forum dedicated to the evolving intersection of health data, artificial intelligence, and privacy in the life sciences and healthcare sectors.

Their demand lands amid fierce criticism of the regulator's decision not to formally investigate the Ministry of Defence over what has been described as the most serious data breach in British history: the leaking of a spreadsheet revealing the identities and locations of more than 19,000 Afghans fleeing the Taliban. Information Commissioner John Edwards defended his stance at a DSIT-hosted hearing last month, insisting the incident was a "one-off" error rather than evidence of systemic non-compliance inside the MoD.

A "discriminatory" artificial intelligence (AI) model used by Sweden's social security agency to flag people for benefit fraud investigations has been suspended, following an intervention by the country's Data Protection Authority (IMY). Starting in June 2025, IMY's involvement was prompted after a joint investigation from Lighthouse Reports and Svenska Dagbladet (SvB) revealed in November 2024 that a machine learning (ML) system being used by Försäkringskassan, Sweden's Social Insurance Agency was disproportionally and wrongly flagging certain groups for further investigation over social benefits fraud.

Axeptio introduces video as the centerpiece of its Consent Management Platform (CMP), transforming the traditional cookie banner into an immersive, multi-sensory, and fully customisable brand experience. By placing storytelling at the core of consent, Axeptio breaks away from "consent fatigue" and reimagines compliance as a new growth lever. What was once a regulatory obligation has now become a stage: a new communication channel where brands can engage audiences, build trust, and convert attention into performance.

A coalition of reporters obtained the dataset, offered as a free sample from a data broker, containing 278 million location data points from the phones of millions of people around Belgium. Much of the location data is uploaded by ordinary apps installed on a person's phones, which is sold to data brokers. Those data brokers then sell that data to governments and militaries.

Lots of companies are announcing AI this and AI that, but few of them offer more than new AI lipstick on an old pig when you look at them closely. Then, there's what SUSE is doing with its release of SUSE Linux Enterprise Server 16 (SLES 16), available today. This new version is positioned as an AI-ready operating system tailored to the demands of today's hybrid cloud, data center, and edge computing environments.

As businesses continue to integrate sophisticated identity verification systems, the temptation to collect as much user data as possible grows. Unfortunately, this approach backfires. Storing excessive amounts of personal data, particularly in onboarding and KYC (Know Your Customer) flows, does not automatically lead to enhanced security. Instead, it expands the surface area for vulnerabilities and increases the potential scale of impact of security incidents.

Apple has always pushed hard on the need for user privacy. Apple CEO Tim Cook has spoken about the threat of a surveillance economy and Craig Federighi, Apple's software vice president, gave an extensive speech on the topic at the European Data Protection and Privacy Conference in 2020. "The mass centralization of data puts privacy at risk," he said then, "no matter who's collecting it and what their intentions might be. So ,we believe Apple should have as little data about our customers as possible.

The organization, which focused on secure and privacy-friendly DNS resolution within the European Union, says it is discontinuing the service due to a lack of time and resources. The official DNS0.EU website now only displays a short announcement: The dns0.eu service has been discontinued. We would have liked to keep it running. It was not sustainable for us in terms of time and resources. We recommend switching to DNS4EU or NextDNS. We sincerely thank all our infrastructure and security partners who made dns0.eu possible.

Anti-fraud nonprofit Cifas was left red-faced after sending out a calendar invite that exposed the email addresses of dozens of individuals working across the fraud space. The invite was sent in August to a session scheduled for October 16 about the organization's JustMe app, which allows individuals to confirm if applications made in their name are genuine. Over a dozen addresses were exposed in the To field, with another 45 in the CC field, according to the message.

The cloud has become the backbone of modern business, enabling rapid scalability, advanced analytics, and collaboration across global teams. In the age of artificial intelligence (AI), the cloud's role is even more critical, both serving as the storage and processing hub for vast quantities of data that feed machine learning models, power real-time analytics, and drive business innovation. With this innovation comes a high-risk balancing act.