The emergence of social media as a tool for credit scoring is changing how financial institutions assess creditworthiness. While traditional credit scores have largely relied on an individual’s financial history—such as payment records and debt profile—social media is increasingly being used…
Data Protection and AI Models – EDPB Opinion, OpenAI Fine and DeepSeek Scrutiny
The European Data Protection Board (EDPB) adopted Opinion 28/2024 on 17 December 2024,[1] addressing key data protection issues that arise from the processing of personal data in the context of artificial intelligence (AI) models. Issued at the request of the Irish…
Adapting Non-Contractual Civil Liability Rules to Artificial Intelligence in the European Union
by Wasim Khraisha Artificial Intelligence (AI) has revolutionized modern life, offering unprecedented opportunities across various domains, from healthcare to autonomous systems. However, the integration of AI into society has also introduced risks, including potential harm to individuals and entities due to…
GDPR in Action: Key CJEU Rulings on Data Minimisation and Health Data Processing
by Luca Farkas In two recent cases, the Court of Justice of the European Union (CJEU) clarified the interpretation and application of the General Data Protection Regulation (GDPR), a cornerstone of EU data privacy law designed to protect individuals’ personal data….
GDPR: Second report published by the European Commission
by Fatma Ceren Morbel The European Union’s General Data Protection Regulation (“GDPR”) applies to all organizations that handle personal information related to citizens and residents of the European Union since 2018. The regulation enhanced the rights of data subjects, redefined the…
Quick Law Review: EU Data Act
The final text of the Data Act was adopted on 27 November 2023.[1] The Data Act applies to a narrow set of data, data generated by and access to Internet-connected devices (IoT). Examples of such products include vehicles, household appliances and consumer…
Way-out from the cookie fatigue? – Cookie pledge principles to help consumers to understand tracking and to manage cookies requests through effective choices
by Judit Szalatkay The European Data Privacy Board (EDPB) established a taskforce to set an overview on practices of existing cookie banners. The taskforce published its report[1] in the beginning of the year 2023 in which it identified several deceptive and manipulative…
Take it or leave it – twisted
by Izabella Szoboszlai It is no exaggeration to say that 2023 was a particularly busy year for digital platforms. It seems that the hard work of various legal fields has finally come to fruition, even though we may experience interruptions from…
Meta v. Bundeskartellamt – the landmark decision of the CJEU
by Fatma Ceren Morbel As we have discussed in our previous blogpost, Advocate General Rantos stated in his non-binding opinion on the case that although a competition authority does not have jurisdiction to rule on a violation of GDPR, it may investigate…
Save a life – give DNA samples?
by Mónika Mercz Save a life – give DNA samples? Following my latest post regarding the data protection issues that arise when we give away our DNA samples to DNA testing companies, I felt it necessary to further explore what problems come up…