Data Protection Insider Blog

Data Protection Insider

Welcome to Data Protection Insider, your biweekly digest of the latest developments in EU data protection law. Each issue brings you insightful analysis of recent court rulings, legislative updates and regulatory changes that impact data protection across the European Union. Stay informed and deepen your understanding of the evolving data protection legal landscape with our biweekly updates.

Subscribe now!

Data Protection Insider, Issue 130

-CJEU: Public Registers Have to Rectify Incorrect Gender Data Without Proof of Gender Reassignment Surgery- On 13th March, the CJEU held that an asylum register has to rectify the gender data of a refugee without requiring proof of gender reassignment surgery, in VP v Országos Idegenrendészeti Főigazgatóság (Deldits). As to the facts of the case, the applicant in the main […]

Data Protection Insider, Issue 129

-CJEU: The Logic of Profiling Technologies Should be Transparent, Even Where Trade Secrets Are Concerned- On 27th February, the CJEU ruled that profiling agencies should be transparent about the logic involved in profiling technologies and should disclose details about it at least to DPAs and courts, even where their trade secrets might be at stake, in CK v Magistrat der […]

Data Protection Insider, Issue 128

-CJEU: Broad Interpretation of ‘Undertaking’ When Calculating Fines- On 13th February, the CJEU ruled that when the maximum amount for fines for GDPR infringements are calculated, ‘the undertaking’s total worldwide annual turnover in the preceding business year’ has to be taken into account, irrespective of whether the fine is imposed by a DPA or by a criminal court, in ILVA […]

Data Protection Insider, Issue 127

-CJEU General Court: EDPB May Order a National DPA to Broaden the Scope of Investigations and Issue a New Decision- On 29th January, the General Court dismissed the action submitted by the Irish DPC against the EDPB in which the Irish DPC sought the annulment of the EDPB’s decision that the Irish DPC should broaden the scope of its investigations […]

Data Protection Insider, Issue 126

–ECtHR considers Legality of Search and Seizure of Lawyer’s Data– On 23rd January 2025, the ECtHR ruled in the case of Reznik v. Ukraine. In terms of the facts, the applicant is a lawyer. They had a contract with a company, in relation to which they received certain documents. These documents were then returned to the company. The company in […]

Data Protection Insider, Issue 125

-CJEU: High Number of Complaints Does Not Amount Automatically to ‘Excessive Requests’- On 9th January, the CJEU ruled that a data protection authority may not automatically designate complaints submitted to it as ‘excessive requests’ based purely on their huge number in Österreichische Datenschutzbehörde v FR. As to the facts of the case, FR submitted approximately 77 similar complaints based on […]

Data Protection Insider, Issue 124

Data Protection Insider - DPI 17
-ECtHR: Slovakia Breaches Prisoner’s Correspondence Confidentiality- On 12th December, the ECtHR ruled that the measures implemented to monitor the correspondence between a prisoner and his lawyer were contrary to Article 8 ECHR in Adamco v Slovakia (No.2). As to the facts of the case, the applicant has been serving his sentence in different prisons in Slovakia since 2006. The monitoring […]

Data Protection Insider, Issue 123

-CJEU: Law Enforcement Authorities Must Assess the ‘Strict Necessity’ of Biometric and Genetic Data Processing- On 28th November, the CJEU ruled that law enforcement authorities must assess the ‘strict necessity’ of the processing of biometric and DNA data, and that this assessment may not be generally substituted by a court assessment of the ‘strict necessity’ in a case clarifying V.S. […]

Data Protection Insider, Issue 122

-ECtHR: Bosnia and Herzegovina Does Not Respect Legal professional Privilege- On 5th November, the ECtHR ruled that the legal framework in Bosnia and Herzegovina does not offer adequate protection for the confidentiality of lawyers’ correspondence in the case of Neziric v. Bosnia and Herzegovina. As to the facts of the case, the applicant was a lawyer. Upon the order of […]

Data Protection Insider, Issue 121

-ECtHR: Russian ‘Foreign Agents’ Legislation Breaches Various Article 8 Rights- On 22nd October, the ECtHR ruled that the Russian Act on ‘foreign agents’ severely restricts different aspects of the concerned individuals’ private lives in breach of Article 8 ECHR in the case of Kobaliya and Others v Russia. As to the facts of the case, as of 2012, the Russian […]
DPI Editorial Team

Dara Hallinan, Editor: Legal academic working at FIZ Karlsruhe. His specific focus is on the interaction between law, new technologies – particularly ICT and biotech – and society. He studied law in the UK and Germany, completed a Master’s in Human Rights and Democracy in Italy and Estonia and wrote his PhD at the Vrije Universiteit Brussel on the better regulation of genetic privacy in biobanks and genomic research through data protection law. He is also programme director for the annual Computers, Privacy and Data Protection conference.

Diana Dimitrova, Editor: Researcher at FIZ Karlsruhe. Focus on privacy and data protection, especially on rights of data subjects in the Area of Freedom, Security and Justice. Completed her PhD at the VUB on the topic of ‘Data Subject Rights: The rights of access and rectification in the AFSJ’. Previously, legal researcher at KU Leuven and trainee at EDPS. Holds LL.M. in European Law from Leiden University.

Subscribe to our newsletter for updates on legal developments, upcoming conferences, workshops, and publications in your areas of interest.

Newsletter: Subscribe now