Video of the conference held on October 10, 2025 in Rome for the presentation of the book ‘Artificial Intelligence, Privacy and Neural Networks: The Balance Between Innovation, Knowledge and Ethics in the Digital Age’.
Public consultation open until 4 December 2025 on guidelines regulating the interplay between Digital Markets Act and GDPR
The EU Digital Omnibus: Europe’s Bold Move to Simplify Digital Regulation The European Commission launched today an ambitious initiative that could fundamentally reshape how businesses interact with EU digital regulations. The Digital Omnibus, part of the broader Digital Package on Simplification, represents the most significant attempt yet to address what many consider the growing complexity burden of Europe’s digital regulatory landscape. The Problem Brussels Finally Acknowledges After years of stakeholder complaints about regulatory fragmentation and implementation complexity, the Commission has officially recognized what industry has been saying: Europe’s digital rulebook has become unwieldy. The call for evidence document is surprisingly candid about the challenges, noting that “multiple horizontal, and sector-specific rules were adopted, leading to complexity in implementation, fragmentation in their application at the national level and misalignment in the enforcement approaches.” ...
EU Data Act: A New Era for Data Control in Europe’s Digital Economy September 12, 2025 - Today marks a fundamental milestone for the European digital economy: the EU Data Act officially comes into force across all European Union member states, as announced today by the European Commission in an official press release. This regulation represents a crucial piece in the European data governance puzzle, complementing the GDPR and AI Act to build a fairer, more transparent, and competitive digital ecosystem. ...
The EU Court of Justice Clarifies the Limits of Pseudonymization: Data Remains Personal for Those Who Hold the Key The EDPS/SRB Case: When Pseudonymized Opinions Remain Personal Data The recent Judgment of the Court of Justice of the European Union (First Chamber) of 4 September 2025 in the Case C-413/23 P of 4 September 2025 provides essential clarifications on the nature of pseudonymized data and transparency obligations for data controllers, with significant implications for anyone managing data sharing processes with third parties. ...
🚨 NEW EDPB-EDPS Joint Opinion on SME Record-Keeping Simplification On 9 July 2025, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) released their Joint Opinion 01/2025 on the proposed regulation to simplify record-keeping obligations for small and medium-sized enterprises (SMEs) and small mid-cap companies (SMCs). 🎯 Key Highlights: Extended threshold: The proposal would raise the employee threshold from 250 to 750 employees for record-keeping exemptions under Art. 30(5) GDPR Broader scope: SMCs (small mid-cap companies) would also benefit from simplified obligations Risk-based approach maintained: High-risk processing activities would still require full compliance regardless of company size Administrative burden reduction: Aims to provide greater flexibility for smaller organizations while maintaining data protection standards 💡 EDPB-EDPS Position: The authorities express preliminary support for this targeted simplification initiative, welcoming the risk-based approach that ensures fundamental rights protection remains intact. However, they’ve requested further clarification on the new 750-employee threshold and recommend better alignment with the newly introduced SME/SMC definitions. ...
An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data.
The online sale of pharmacy-only medicinal products requires the explicit consent of the customer to the processing of his or her data, even where those medicinal products do not require a prescription.
Personal data protection: the supervisory authority is not obliged to exercise a corrective power in all cases of breach and, in particular, to impose a fine
](https://www.nicfab.eu/images/edps/neural.png)
EDPS Model