When patients access healthcare, they share deeply personal and sensitive information, trusting it will be protected. Clinical confidentiality is not only a legal obligation under frameworks like the GDPR but also a fundamental pillar of trust that directly impacts the quality of care, patient honesty, and treatment outcomes. As healthcare systems become more digital, with AI tools and data sharing initiatives expanding, safeguarding health data becomes even more critical. St

A French data protection authority has fined a company €3.5 million after serious GDPR breaches affecting over 10.5 million data subjects. The organization shared customer emails and phone numbers with a social media platform without consent, failed to conduct a proper data protection impact assessment, and allowed weak password security. Automatic cookies were also installed without user consent. This case highlights that privacy is not optional, companies must prioritize us

YouTube recently launched an AI-powered deepfake detection tool called “Likeness Detection,” which scans videos and compares creators’ facial features to identify manipulated or unauthorized content. To use the tool, creators must upload government-issued IDs and facial biometric videos, raising privacy concerns among experts. Google insists the data is used solely for identity verification and security features, not AI training. However, some warn that linking facial data to

Switzerland’s data protection group, privatim, has warned that international cloud providers like Amazon Web Services, Microsoft Azure, and Google Cloud cannot meet the privacy requirements for sensitive government data. Key issues include lack of true end-to-end encryption, limited transparency, loss of control over data, legal uncertainty, and access rights under the US CLOUD Act. Privatim advises that sensitive data should only be stored in the cloud if government agencies

Benfica has reported to the Portuguese Data Protection Authority (CNPD) allegations of unauthorized data collection during the club’s presidential elections, including names, membership numbers, voting locations, and even vote counts. Some members also received targeted messages promoting a specific list, raising concerns about transparency and confidentiality. The CNPD will investigate the complaints while Benfica emphasizes the importance of integrity and respect for member

Small and midsize businesses increasingly see data protection as a growth opportunity, but many still rely on outdated tools and inconsistent security practices. With ransomware cases rising and AI expanding the attack surface, SMBs face higher risks and need partners who can turn compliance pressure into practical resilience. From immutable storage and smarter backups to unified governance and awareness training, integrated solutions are becoming essential to keep operations

Apple has issued a security alert, urging all users to update their devices immediately. A recently discovered vulnerability could allow hackers or third parties to access locked devices, bypass passcodes, and extract sensitive data. The update is available for iPhone XS and later, several iPad models, Apple Watch, and Macs, fixing the CVE-2025-24200 flaw. The issue affects USB Restricted Mode, originally designed to prevent tools like “GrayKey” from accessing private data. W

Ireland’s Data Protection Commission (DPC) has fined TikTok €530 million for failing to ensure that European user data transferred to China was protected from access by Chinese authorities. The investigation revealed that TikTok provided misleading information to the DPC and failed to demonstrate that data sent to China would have protection levels equivalent to GDPR standards. While TikTok claims it never shared data with the Chinese government, the DPC found that data was r

Recent court decisions in Germany and at the European General Court are challenging the traditional interpretation of GDPR compensation. Historically, under Art. 82 GDPR, data subjects could only claim damages if they proved actual harm resulting from a GDPR violation. However, recent cases—like Junghans v. Meta and Bindl v. European Commission—suggest that a mere loss of control over personal data or uncertainty about its processing can now qualify as non-material damages, e

The European Commission is preparing changes to the General Data Protection Regulation (GDPR) aimed at reducing administrative burdens for small and medium-sized enterprises (SMEs), while maintaining strong privacy protections. Proposed adjustments may include simplifying data registration requirements for companies with fewer than 500 employees. The initiative responds to concerns that the current GDPR framework increases compliance costs, creates legal uncertainty due to

Last year, Portugal reported 332 personal data breaches—almost one per day—according to the National Data Protection Commission (CNPD). Incidents ranged from unauthorized access to databases to exposure of sensitive information, affecting both public and private sectors. Experts warn the real number may be even higher, as many breaches go unreported. The CNPD continues to strengthen oversight and educate organizations on data protection, promoting preventive measures like aud

Researchers have uncovered one of the largest data breaches ever: 16 billion login credentials exposed, from malware and old datasets. Social media, cloud services, corporate tools, and VPNs may have been affected. While no centralized attack on companies like Apple, Google, or Facebook has been confirmed, the leak puts millions of users at risk of identity theft, phishing, and account takeovers. Experts recommend: change your passwords regularly, enable two-factor authentica

Germany’s data protection commissioner has called on Apple and Google to remove the AI chatbot DeepSeek from their app stores, citing...

Meta has been fined €251 million by the European Union for a data breach that occurred in 2018, affecting 29 million accounts, including...

Apple and Google have introduced features that scan images on your device without your knowledge or consent. Apple pioneered with visual...

The U.K. Information Commissioner's Office released its required review and post transition assessment of the Children's Code. The report...

In his new book, former Facebook data scientist Francis Haugen asserts that social media companies, including Facebook, are not being...

The U.K. Information Commissioner's Office advises organizations to adopt privacy enhancing technologies (PETs) for sharing personal...

Meta released two new privacy features for WhatsApp. One of the features consist in “Silence Unknown Callers” which gives the user the...

Attention all companies transferring personal data! Are you aware of the Model Contractual Clauses for the Transfer of Personal Data?...