Europe

Image

Below, you can find the IAPP’s collection of coverage, analysis and resources related to the privacy industry in the European region.

The IAPP Resource Center includes additional European focused topic pages:

Subscribe to the Europe Data Protection Digest e-newsletter!
Keep up to date with the most important privacy and data protection news from the European region by subscribing to the Europe Data Protection Digest e-newsletter.

Featured Resources

European Strategy for Data

This is a multipart series intended to provide privacy professionals with an overview of new EU legislation adopted since May 2022 under the European Union’s Strategy for Data.
Read More

EU Data Initiatives in Context

This infographic provides an update on the various European Union data initiatives and draft legislation. From the EU General Data Protection Regulation to the proposed Digital Services Act and Digital Markets Act, the infographic highlights important details of these initiatives and where the most recent proposals stand.
Read More

EU, US agree to data agreement

U.S. President Joe Biden and European Commission President Ursula von der Leyen announced Friday that the U.S. and EU have reached a new trans-Atlantic data flow agreement in principle. IAPP Editorial Director Jedidiah Bracy, CIPP, has the details.
Read More


Latest News & Resources

EU Artificial Intelligence Act Proposal: What could it change?

Original broadcast date: July 12, 2022 In this LinkedIn Live, IAPP Europe Managing Director Isabelle Roccia, IAPP Senior Westin Research Fellow Jetty Tielemans, Criteo Vice President of Government Affairs and Public Policy Nathalie Laneret, CIPP/E, CIPM, and Kai Zenner, Head of Office and Digital Policy Adviser to Member of European Parliament Axel Voss, discuss proposed changes to the EU Artificial Intelligence Act, similarities with existing regulatory structures, what it could mean for the U... Read More

Proposed EU AI Act blurs lines between AI developers and data processors under GDPR

The proposed EU Artificial Intelligence Act and its intersections with the EU General Data Protection Regulation could present compliance issues for data compliance officers across the continent, according to IAPP Senior Westin Research Fellow Jetty Tielemans. The AI Act has some similarities with the Digital Services Act and the Digital Markets Act regarding how they clarify the GDPR, Tielemans said during a recent IAPP LinkedIn Live. However, she explained the AI Act differs in that "sensitiv... Read More

UK unveils data reform bill, proposes AI regulation

The U.K. government Monday introduced a pair of post-Brexit data reform initiatives aimed at guiding responsible use of data while promoting innovation in the economy, according to two government releases.  In the House of Commons, the government released the Data Protection and Digital Information Bill. In a separate statement, Minister for Media, Data and Digital Infrastructure Matt Warman said the data protection reform bill will help "transform the UK's independent data laws."  In parallel... Read More

Sanctions under EU GDPR and recent data regulations: A case of double jeopardy?
(IAPP, July 2022)
Irish DPC files draft order to halt Meta’s data transfers to US
(IAPP, July 2022)
A view from Brussels: GDPR & DGA, DSA, DMA: When the rubber meets the road
(IAPP, June 2022)
A view from Brussels: EDPB adopts guidelines on fines, Council of the European Union approves DGA
(IAPP, May 2022)
JOIC releases 2021 data breach report
(IAPP, May 2022)
EU institutions publish final text for Digital Markets Act
(IAPP, May 2022)
EU plans to improve health data access
(IAPP, May 2022)
European Data Protection Board Annual Report (2021)
(EDPB, May 2022)
Consent as legal basis for EU and UK employment
(IAPP, May 2022)
CJEU ruling on GDPR litigation builds ‘jurisprudence on data protection’
(IAPP, May 2022)
European Data Protection Supervisor’s Annual Report (2021)
(EDPS, April 2022)
The UK data policy and possible divergences with the European Union
(IAPP, April 2022)
European Parliament issues report on AI Act
(IAPP, April 2022)
EDPS, EDPB chair talk privacy policy in the EU, beyond
(IAPP, April 2022)
EU, US agree ‘in principle’ to new trans-Atlantic data agreement
(IAPP, May 2022)
EU Parliament, Council reach deal on Digital Markets Act
(IAPP, March 2022)
The data provisions in the EU’s upcoming Big Tech law
(IAPP, March 2022)
Data portability in the EU: An obscure data subject right
(IAPP, March 2022)
Commission proposal for a regulation on the European health data space
(IAPP, March 2022)
A conversation with Ukrainian Dmytro Korchynskyi
(IAPP, March 2022)
Key takeaways from CNIL’s draft recommendation on smart cameras
(IAPP, March 2022)
EDPS report: EU Institutions’ resilience to COVID-19
(EDPS, March 2022)
The EU’s anti-money laundering regulation and data protection: Part II
(IAPP, February 2022)
EU Data Governance Act: What privacy professionals need to know
(IAPP, February 2022)
CNIL is latest authority to rule Google Analytics violates GDPR
(IAPP, February 2022)
Inside the EU’s rocky path to regulate artificial intelligence
(IAPP, February 2022)
The 2022 lookout for EU policy: what you need to know
(IAPP, January 2022)
Austrian DPA’s Google Analytics decision could have ‘far-reaching implications’
(IAPP, January 2022)
EU Standard Contractual Clauses (Word documents)
(IAPP)
CNIL sets parameters for processors’ reuse of data for product improvement
(IAPP, January 2022)
CNIL’s ePrivacy fines reveal potential enforcement trend
(IAPP, January 2022)
The EU’s digital strategy and what it means for privacy
(IAPP, December 2021)
European Commission Report: A European strategy for data
(European Commission, December 2021)
From the AI Act to the DSA: Catching up on the EU’s digital agenda
(IAPP, December 2021)
New EU data blockage as German court would ban many cookie management providers
(IAPP, December 2021)
LinkedIn Live: ‘The EU’s Strategy for Data: What the DSA, DMA, DGA mean for privacy’
(IAPP, December 2021)
The way the third-party cookie crumbles: Part 1 – EU and UK developments
(IAPP, December 2021)
The EU’s DMA and DSA: Why this should be of interest to privacy pros
(IAPP, December 2021)
Germany’s telecom privacy law takes effect
(IAPP, December 2021)
EDPB discusses data transfer guidance considerations, key points
(IAPP, November 2021)
LinkedIn Live: ‘New EDPB Guidelines: What is a data transfer under the GDPR?’
(IAPP, November 2021)
New EDPB guidelines define international transfers: Dancing in place
(IAPP, November 2021)
CNIL releases its own privacy maturity self-assessment model
(IAPP, November 2021)
The future of data protection in the EU’s digital market strategy
(IAPP, November 2021)
Dispatch from Brussels: Some clarification for EU data transfers on the horizon
(IAPP, November 2021)
Guide to EU Cookie Laws
(Privacy Policies, November 2021)
ENISA Threat Landscape Report 2021
(European Union Agency for Cybersecurity, October 2021)
Facebook to hire 10K EU workers over next 5 years
(IAPP, October 2021)
Irish DPC proposes 36M euro GDPR fine against Facebook
(IAPP, October 2021)
CNIL Interactive Map – Data protection around the world
(CNIL, September 2021)
Irish DPC WhatsApp decision: What do you need to know?
(IAPP, September 2021)
The Brussels lowdown: Data policy this fall
(IAPP, September 2021)
UK launches wide-ranging data reform initiative
(IAPP, September 2021)
Facebook updates cookie controls in Europe
(IAPP, September 2021)
The state of Serbia’s Personal Data Protection Law after two years
(IAPP, August 2021)
FAQs for UK ICO’s data transfer consultation – including approach to EU SCCs
(IAPP, August 2021)
What can we learn from the Garante’s recent 2.5M euro fine?
(IAPP, August 2021)
EU warns UK could lose adequacy by drifting away from GDPR
(IAPP, August 2021)
Dentons: Europe Cookie Law Comparison tool
(Dentons)
EDPB outlines DPA resourcing, enforcement actions
(IAPP, August 2021)
European Health Data Space: Repairing the trans-Atlantic data relationship through biotech R & D
(IAPP, July 2021)
FPF: Regulatory Strategies of European Data Protection Authorities for 2021-2022
(Future of Privacy Forum, July 2021)
Insights into the Future of Data Protection Enforcement: Regulatory Strategies of European Data Protection Authorities for 2021-2022
(The Future of Privacy Forum, July 2021)
Commentary on Dutch DPA’s fine for not appointing an EU representative
(IAPP, July 2021)
The CJEU did not rescind the one-stop shop. Quite the opposite.
(IAPP, July 2021)
EDPB one-stop shop leaflet
(EDPB, June 2021)
Web Conference: Talks for DPOs by Dutch DPOs
(IAPP, June 2021)
LinkedIn Live: ‘EDPB’s New Recommendations for Post-‘Schrems II’ Data Transfers’
(IAPP, June 2021)
EDPB rapporteur details board’s supplementary measures
(IAPP, June 2021)
EU adequacy decision for South Korea
(IAPP, June 2021)
EDPB’s data transfer recommendations adopt a risk-based approach with teeth
(IAPP, June 2021)
Top-10 do’s and don’ts for service providers implementing the new SCCs with EU customers
(IAPP, June 2021)
LinkedIn Live: ‘EU Digital Strategy: A holistic vision for a digital Europe?’
(IAPP, June 2021)
EDPS Factsheet – Data protection audits explained
(EDPS, June 2021)
Digital wallet unveiled in EU
(IAPP, June 2021)
European Commission adopts UK adequacy decisions
(IAPP, June 2021)
EPDS Infographic — Personal Data Breaches in a Nutshell
(EDPS, May 2021)
CoE, Parliament reach provisional deal on COVID-19 certificates
(IAPP, May 2021)
What’s behind the EU’s new Cloud Code of Conduct?
(IAPP, May 2021)
EPRS: EU-UK private-sector data flows after Brexit
(EPRS, April 2021)
New urgency about data localization with Portuguese decision
(IAPP, April 2021)
How to know you are a ‘data intermediary’ under the Data Governance Act
(IAPP, April 2021)
EU grappling with potential one-stop-shop reform
(IAPP, April 2021)
Why the EU’s AI regulation is a groundbreaking proposal
(IAPP, April 2021)
A look at what’s in the EU’s newly proposed regulation on AI
(IAPP, April 2021)
EDPB adopts data transfer statement, publishes GDPR guidance
(IAPP, April 2021)
Facebook breach draws EU ‘mass action’ lawsuit
(IAPP, April 2021)
EDPB publishes opinions on UK draft adequacy decision
(IAPP, April 2021)
Web Conference: Monitoring Employees’ Health & Activities Outside Work in Germany, Poland and UK
(IAPP, February 2021)
Why the EDPB should avoid torpedoing BCRs for processors
(IAPP, April 2021)
NIS representation in the EU and UK — Was the March 31 deadline a turning point?
(IAPP, April 2021)
LinkedIn Live: ‘Data Transfers from the EU: Will derogations save the day?’
(IAPP, March 2021)
Why this French court decision has far-reaching consequences for many businesses
(IAPP, March 2021)
Federal Constitutional Court: CJEU must clarify whether GDPR provides materiality threshold
(IAPP, February 2021)
GDPR representatives in EU and UK after Brexit
(IAPP, February 2021)
European Commission releases draft UK adequacy decisions
(IAPP, February 2021)
Data transfers: Questions and answers abound, yet solutions elude
(IAPP, February 2021)
Croatian DPA shutters website: Protection of personal data or violation of freedom of speech?
(IAPP, February 2021)
EU Council ambassadors agree to negotiating position on ePrivacy Regulation
(IAPP, February 2021)
EDPS Infographic — EDPS Enforcement Powers
(EDPS, January 2021)
Government leaders discuss state of play for UK adequacy, data transfers
(IAPP, January 2021)
Comparing EU regulatory norms with incident reporting obligations
(IAPP, January 2021)
How does GDPR apply to clinical trial sponsors outside EEA? Views of EEA DPAs
(IAPP, January 2021)
Hard data localization may be coming to the EU — Here are 5 concerns
(IAPP, January 2021)
CJEU’s advocate general: One-stop shop means one-stop shop
(IAPP, January 2021)
CJEU opinion clarifies cross-border enforcement scenarios
(IAPP, January 2021)
UK, EU reach interim data flow agreement
(IAPP, January 2021)
LinkedIn Live: ‘Ask the Expert: How to Run a Global Privacy Program out of the EU’
(IAPP, December 2020)
Proposal for an EU Data Governance Act — a first analysis
(IAPP, December 2020)
How US, EU approach regulating ‘dark patterns’
(IAPP, December 2020)
New Economic Foundation — The Cost of Data Inadequacy: The Economic Impacts of the UK Failing to Secure an EU Data Adequacy Decision
(New Economics Foundation, November 2020)
ENISA Report — Guidelines for securing the IoT
(European Union Agency for Cybersecurity, November 2020)
European Commission: Recommendations for a safe and ethical transition towards driverless mobility
(European Commission, September 2020)
Frequently Asked Questions & Resources on ‘Schrems II’
(IAPP, August 2020)
DPA and government guidance on ‘Schrems II’
(IAPP, July 2020)
ENISA strategy: A trusted and cyber-secure Europe
(European Union Agency for Cybersecurity, July 2020)
White Paper – DPAs on the Ground
(IAPP, May 2020)
The GDPR at Two: Expert Perspectives
(IAPP, May 2020)
White Paper – GDPR at One Year: What We Heard from Leading European Regulators
(IAPP, August 2019)
View More Resources

Regional Resources

Click below to navigate to resources by region.

Albania, AustriaBelarus, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Georgia, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, MaltaNetherlands, North Macedonia, Norway, Poland, Portugal, RomaniaSerbia, SlovakiaSpain, Sweden, SwitzerlandUkraine, United Kingdom, Vatican City





View More Resources





View More Resources



View More Resources


View More Resources




View More Resources

View More Resources





View More Resources


View More Resources






View More Resources



View More Resources

United Kingdom Topic Page in IAPP Resource Center
On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to privacy in the United Kingdom.
Click To View