New members have joined the INPLP: Lucia Cantera, Isabel Mendez, Virginia Cervieri and...

...Mehr lesen

The New Era of Privacy and Data Protection in Mexico: What’s Changing?

The Mexican legal system has undergone an unprecedented transformation in the past few months. This has impacted several areas, including but not limited to the dissolution of INAI, former regulator for transparency, access to public information, privacy and personal ...Mehr lesen

Due Diligence Obligations in the Spain: Lessons learnt from AEPD Sanctions and future...

Amid the EU's rapidly evolving due diligence landscape, this article unpacks Spain’s tough stance on data protection compliance and reveals how landmark AEPD fines have sounded a wake-up call: businesses must rigorously vet their third-party providers or face costly ...Mehr lesen

Harmonising Data Protection Legislation across the Commonwealth Caribbean

Can the Commonwealth Model Provisions on Data Protection (“CMP”) drive harmonisation of the collection and retention of Data throughout the Commonwealth Caribbean? ...Mehr lesen

The year 2024 was a very busy one for the Macedonian Personal Data Protection Agency

The Macedonian Personal Data Protection Agency adopted a new Strategy for the implementation of the right to personal data protection and a new Rulebook on the security of personal data processing, in parallel with an increase in the number of supervisions conducted. ...Mehr lesen

MONACO STRENGTHENS ITS LEGAL FRAMEWORK FOR THE PROTECTION OF PERSONAL DATA: NEW LAW 1.565...

This article outlines Monaco Law no. 1.565 of 3 December 2024 on personal data protection, and the activity of the new Personal Data Protection Authority (APDP) in the first half of 2025. ...Mehr lesen

The emerging contours of ‘Verifiable Parental Consent’ under India’s new Data Privacy Law.

India’s new data privacy law will change the way in which data processors collect and process children’s data, by requiring ‘verifiable parental consent’ be obtained; this article provides guidance on how this may work in practice. ...Mehr lesen

Firm But Fair: Irish DPC Publishes 2024 Annual Report

On 19 June 2025, the Data Protection Commission published its Annual Report for 2024, and the popular Case Studies Booklet 2024. The report indicates a fair, consistent regulatory approach by the DPC, which also encompasses a willingness to decisively pursue enforcement ...Mehr lesen

Regulating AI a la Suisse: Between innovation and uncertainty - No comprehensive AI Act

The Federal Council's approach on regulation AI has finally been published on 12 February 2025. ...Mehr lesen

When the GDPR Clock Never Stops: Lessons from a EUR 175,000 Fine for Delayed Data Subject...

In a recent decision (n° 1FR/2025 of 6 January 2025), the Luxembourg National Data Protection Authority (the “CNPD”) sanctioned a major credit institution for non complying with access request’s deadlines as set by the GDPR- despite arguments of force majeure and ...Mehr lesen