For sale - visit GoDaddy
Contact mail@quant.rocks
The latest enforcement actions, landmark rulings, and speculative analysis on the future of EU data protection law.
Speculative analysis on the most likely changes to EU data protection law through 2027.
The long-delayed ePrivacy Regulation — stalled since 2017 — may finally reach agreement in 2025–2026, replacing the fragmented national cookie laws.
Regulators are expected to clarify how GDPR rights — especially Article 22 on automated decisions — apply to high-risk AI systems under the new AI Act.
Privacy advocates have already signalled plans to challenge the 2023 Data Privacy Framework at the CJEU. A successful challenge could again disrupt transatlantic data transfers.
Recent GDPR enforcement actions, policy developments, and landmark decisions. Last updated: 5 July 2026.
The US Supreme Court ruled the FTC may no longer be independent, raising questions about the EU–US DPF adequacy decision which relies on FTC enforcement.
The EDPB and Anti-Money Laundering Authority announced joint guidelines on information sharing partnerships between data protection and AML frameworks.
NOYB and the Norwegian Consumer Council filed a complaint against Schibsted's consent model that forces users to pay or accept tracking — arguing it violates freely given consent under GDPR.
The biggest GDPR enforcement actions since 2018, totalling over €5 billion.
Irish DPC. Unlawful data transfers to the US without adequate safeguards.
Irish DPC. Unlawful processing of personal data through the MoPub advertising network.
Irish DPC. Data transfers to China without adequate safeguards; storage of EU data on Chinese servers.