The Court of Justice of the European Union (CJEU) ruled that pseudonymized data does not always qualify as personal data under the GDPR. The decision emphasizes that, depending on the context, pseudonymization can prevent third parties from identifying data subjects, meaning GDPR rules may not apply in such cases. However, data controllers remain responsible for informing data subjects about processing and any data sharing, even if re-identification by recipients isn’t possib

The European Parliament has switched off built-in AI features on the work devices of MEPs and staff due to cybersecurity and data protection risks. Some AI tools were sending data to cloud services, raising concerns about potential data exposure. While daily apps like email and calendars remain unaffected, the move highlights the growing need for caution when using AI tools, especially in sensitive environments. The Parliament advises staff and lawmakers to apply similar priv

When patients access healthcare, they share deeply personal and sensitive information, trusting it will be protected. Clinical confidentiality is not only a legal obligation under frameworks like the GDPR but also a fundamental pillar of trust that directly impacts the quality of care, patient honesty, and treatment outcomes. As healthcare systems become more digital, with AI tools and data sharing initiatives expanding, safeguarding health data becomes even more critical. St

As companies increasingly adopt AI in HR processes like hiring and performance management, new legal and operational challenges are emerging. Experts warn that relying on automated decision-making without proper human oversight can impact employees’ rights and lead to bias. Regulations such as the GDPR and the EU AI Act are pushing for greater transparency, accountability, and human intervention in AI-driven decisions. Businesses must also strengthen governance, ensure proper

A massive unsecured database exposed 149 million usernames and passwords, including accounts linked to email services, social media platforms like Facebook, and even banking access. Discovered by security researcher Jeremiah Fowler, the data was publicly accessible without any protection before being removed. The incident highlights the ongoing risks of weak data security practices and reinforces the importance of strong passwords, multi-factor authentication, and regular acc

The European Commission has confirmed a cyberattack targeting the cloud infrastructure hosting official EU websites, with early investigations revealing that data was extracted from public-facing systems. The breach, detected on March 24, was quickly contained, with authorities implementing mitigation measures to ensure services remained operational. While internal systems were not affected, the incident highlights growing cybersecurity risks facing public institutions and th