Privacy

A consent system relied upon by tech giants including Google, Microsoft, Amazon and X to serve targeted online advertising has been ruled to be incompatible with the GDPR. Belgium's Court of Appeal yesterday ruled on an appeal brought by the Interactive Advertising Bureau (IAB) Europe against an ear

TikTok has said it will appeal a €530 million fine imposed by Ireland's Data Protection Commission (DPC) following an investigation into transfers of EU users' personal data to China. The DPC announced the fine on Friday after finding that TikTok had violated the GDPR in respect of its transfer

TikTok has been fined €530 million by Ireland's Data Protection Commission (DPC) following an investigation into transfers of EU users' personal data to China. The DPC, in its role as the lead supervisory authority for TikTok, launched the inquiry to examine the lawfulness under the GDPR of Tik

The UK's privacy regulator has imposed a £60,000 fine on an English law firm following a cyber attack that led to highly sensitive and confidential personal information being published on the dark web. The Information Commissioner's Office (ICO) found that Merseyside-based DPP Law Ltd had 

The Data Protection Commission (DPC) has launched an investigation into Elon Musk's X social media platform over its use of users' posts as AI training data. X Internet Unlimited Company (XIUC), known until the start of April 2025 as Twitter Internet Unlimited Company (TIUC), was notified last week

A prominent British businessman identified as the subject of allegations of sexual harassment and bullying by a member of the House of Lords, who used parliamentary privilege to circumvent a court injunction, did not suffer a violation of his privacy rights, the European Court of Human Rights has ru

The High Court has dismissed judicial review proceedings in respect of a data breach which allegedly compromised personal data on the applicant’s work phone. Delivering judgment for the High Court, Mr Justice Barry O’Donnell was satisfied that the clear import of the applicant’s co

The Court of Justice of the European Union (CJEU) has been asked whether ex-Catholics have a right under the GDPR to have their baptismal record erased upon request. A request for preliminary ruling was submitted in January by the Brussels Court of Appeal, which is hearing an appeal in a case brough

Northern Ireland's Independent Commission for Reconciliation and Information Recovery (ICRIR) has apologised for a "limited data breach" which disclosed the names of 25 people. The legacy body said it mistakenly disclosed the names — principally of individuals who were requesting investigation

Ireland's Data Protection Commission (DPC) is taking part in Europe-wide enforcement actions focused on the "right to be forgotten". The European Data Protection Board (EDPB) last week announced its co-ordinated enforcement framework (CEF) action for 2025, involving 32 data protection authorities ac

William Fry lawyers Rachel Hayes, Adele Hall and Aoife Keenan examine a Circuit Court decision awarding €7,500 in a personal data breach claim against a government agency. In M.H. v Child and Family Agency, a 2023 ex tempore judgment, the Circuit Court awarded the plaintiff €7,50

Matheson partner Davinia Brennan considers a recent decision clarifying the definition of "personal data breach". The Irish Data Protection Commission (DPC) recently imposed a €91 million fine on Meta Platforms Ireland Limited (MPIL), having found that it violated a number of provisions of the

Ireland's Data Protection Commission (DPC) has signed a joint declaration on AI alongside data protection authorities from the UK, Australia, South Korea and France. The two-page document reaffirms the authorities' commitment to implementing data governance that promotes innovative and privacy-

The General Court of the European Union has dismissed a challenge by Ireland's Data Protection Commission (DPC) to the powers of the European Data Protection Board (EDPB). Today's judgment from the Tenth Chamber of the General Court affirms the EDPB's authority to instruct national supervisory autho

Northern Ireland firm Carson McDowell has marked World Data Protection Day with the launch of a new specialist data action response team (DART).