Europe

Image

Below, you can find the IAPP’s collection of coverage, analysis and resources related to the privacy industry in the European region.

The IAPP Resource Center includes additional European focused topic pages:

Subscribe to the Europe Data Protection Digest e-newsletter!
Keep up to date with the most important privacy and data protection news from the European region by subscribing to the Europe Data Protection Digest e-newsletter.

Featured Resources

European Institutions Privacy Stakeholder Map

To better understand the entities involved in EU privacy rulemaking, this chart provides an overview of the institutions, the nature of their role, the specific areas of responsibilities, and current leadership.
Read More

Practical considerations from EU enforcement

This article breaks down the key practical takeaways and things to look out for on the EU General Data Protection Regulation’s legal bases and transparency requirements.
Read More

European Strategy for Data

This is a multipart series intended to provide privacy professionals with an overview of new EU legislation adopted since May 2022 under the European Union’s Strategy for Data.
Read More


Latest News & Resources

EU-US Data Privacy Framework – Guidance and Resources

On October 7, 2022, the White House released an executive order implementing the long-awaited EU-U.S. Data Privacy Framework. The European Commission concurrently announced that it will launch its adequacy determination procedure for EU personal data transferred to the United States under the arrangement. This page will stay updated with the latest guidance documents and resources covering what these new rules say, how they work and what comes next as the adequacy review process proceeds. Read More

GDPR Genius

This interactive tool provides IAPP members ready access to critical GDPR resources — enforcement precedent, interpretive guidance, expert analysis and more — all in one location. Read More

The EU-US Data Privacy Framework and next steps for data transfers

Original broadcast date: Oct. 7, 2022 In this LinkedIn Live event, IAPP's Caitlin Fennessy, CIPP/US, Alton & Bird's Peter Swire, CIPP/US, American University Washington College of Law's Alex Joel, CIPP/G, CIPP/US, and Future of Privacy Forum's Gabriela Zanfir-Fortuna discuss U.S. President Joe Biden's executive order implementing the EU-U.S. Data Privacy Framework.... Read More

IAPP country leaders weigh in: What’s next for data protection in Europe?

Original broadcast date: Oct. 6, 2022 In this LinkedIn Live event, IAPP Managing Director, Europe, Isabelle Roccia spoke with IAPP European country and regional leaders: Ulrich Baumgartner, CIPP/E, in the DACH region, Kate Colleary, CIPP/E, CIPM, in Ireland, Yann Padova in France, Rocco Panetta, CIPP/E, in Italy, and Jeroen Terstegge, CIPP/E, CIPP/US, in the Netherlands. Each panelist discussed what they foresee for data privacy in their respective region, as well as what privacy and data prote... Read More

A view from Brussels: The latest on the DSA, DMA and Privacy Shield
(IAPP, October 2022)
European Commission Report: A European strategy for data
(European Commission, October 2022)
The value of a UK representative: A response to the DPDI Bill
(IAPP, September 2022)
Bloc of EU lawmakers throws support behind total facial recognition ban
(IAPP, September 2022)
CEPS publishes EU AI Act report
(IAPP, September 2022)
Is data localization coming to Europe?
(IAPP, August 2022)
Dentons: Europe Cookie Law Comparison tool
(Dentons, August 2022)
UK DPDI Bill: Comparative analysis with the EU GDPR and ePrivacy framework
(IAPP, July 2022)
EU Artificial Intelligence Act Proposal: What could it change?
(IAPP, July 2022)
Proposed EU AI Act blurs lines between AI developers and data processors under GDPR
(IAPP, July 2022)
UK unveils data reform bill, proposes AI regulation
(IAPP, July 2022)
Sanctions under EU GDPR and recent data regulations: A case of double jeopardy?
(IAPP, July 2022)
Irish DPC files draft order to halt Meta’s data transfers to US
(IAPP, July 2022)
Guide to EU Cookie Laws
(Privacy Policies, July 2022)
UK Data Protection Reform
(IAPP, June 2022)
A view from Brussels: GDPR & DGA, DSA, DMA: When the rubber meets the road
(IAPP, June 2022)
A view from Brussels: EDPB adopts guidelines on fines, Council of the European Union approves DGA
(IAPP, May 2022)
JOIC releases 2021 data breach report
(IAPP, May 2022)
EU institutions publish final text for Digital Markets Act
(IAPP, May 2022)
EU plans to improve health data access
(IAPP, May 2022)
European Data Protection Board Annual Report (2021)
(EDPB, May 2022)
Consent as legal basis for EU and UK employment
(IAPP, May 2022)
CJEU ruling on GDPR litigation builds ‘jurisprudence on data protection’
(IAPP, May 2022)
European Data Protection Supervisor’s Annual Report (2021)
(EDPS, April 2022)
The UK data policy and possible divergences with the European Union
(IAPP, April 2022)
European Parliament issues report on AI Act
(IAPP, April 2022)
EDPS, EDPB chair talk privacy policy in the EU, beyond
(IAPP, April 2022)
EU, US agree ‘in principle’ to new trans-Atlantic data agreement
(IAPP, May 2022)
EU Parliament, Council reach deal on Digital Markets Act
(IAPP, March 2022)
The data provisions in the EU’s upcoming Big Tech law
(IAPP, March 2022)
Data portability in the EU: An obscure data subject right
(IAPP, March 2022)
Commission proposal for a regulation on the European health data space
(IAPP, March 2022)
A conversation with Ukrainian Dmytro Korchynskyi
(IAPP, March 2022)
Key takeaways from CNIL’s draft recommendation on smart cameras
(IAPP, March 2022)
EDPS report: EU Institutions’ resilience to COVID-19
(EDPS, March 2022)
The EU’s anti-money laundering regulation and data protection: Part II
(IAPP, February 2022)
EU Data Governance Act: What privacy professionals need to know
(IAPP, February 2022)
CNIL is latest authority to rule Google Analytics violates GDPR
(IAPP, February 2022)
Inside the EU’s rocky path to regulate artificial intelligence
(IAPP, February 2022)
The 2022 lookout for EU policy: what you need to know
(IAPP, January 2022)
Austrian DPA’s Google Analytics decision could have ‘far-reaching implications’
(IAPP, January 2022)
EU Standard Contractual Clauses (Word documents)
(IAPP)
CNIL sets parameters for processors’ reuse of data for product improvement
(IAPP, January 2022)
CNIL’s ePrivacy fines reveal potential enforcement trend
(IAPP, January 2022)
The EU’s digital strategy and what it means for privacy
(IAPP, December 2021)
From the AI Act to the DSA: Catching up on the EU’s digital agenda
(IAPP, December 2021)
New EU data blockage as German court would ban many cookie management providers
(IAPP, December 2021)
LinkedIn Live: ‘The EU’s Strategy for Data: What the DSA, DMA, DGA mean for privacy’
(IAPP, December 2021)
The way the third-party cookie crumbles: Part 1 – EU and UK developments
(IAPP, December 2021)
The EU’s DMA and DSA: Why this should be of interest to privacy pros
(IAPP, December 2021)
Germany’s telecom privacy law takes effect
(IAPP, December 2021)
EDPB discusses data transfer guidance considerations, key points
(IAPP, November 2021)
LinkedIn Live: ‘New EDPB Guidelines: What is a data transfer under the GDPR?’
(IAPP, November 2021)
New EDPB guidelines define international transfers: Dancing in place
(IAPP, November 2021)
CNIL releases its own privacy maturity self-assessment model
(IAPP, November 2021)
The future of data protection in the EU’s digital market strategy
(IAPP, November 2021)
Dispatch from Brussels: Some clarification for EU data transfers on the horizon
(IAPP, November 2021)
ENISA Threat Landscape Report 2021
(European Union Agency for Cybersecurity, October 2021)
Facebook to hire 10K EU workers over next 5 years
(IAPP, October 2021)
Irish DPC proposes 36M euro GDPR fine against Facebook
(IAPP, October 2021)
CNIL Interactive Map – Data protection around the world
(CNIL, September 2021)
Irish DPC WhatsApp decision: What do you need to know?
(IAPP, September 2021)
The Brussels lowdown: Data policy this fall
(IAPP, September 2021)
UK launches wide-ranging data reform initiative
(IAPP, September 2021)
Facebook updates cookie controls in Europe
(IAPP, September 2021)
The state of Serbia’s Personal Data Protection Law after two years
(IAPP, August 2021)
FAQs for UK ICO’s data transfer consultation – including approach to EU SCCs
(IAPP, August 2021)
What can we learn from the Garante’s recent 2.5M euro fine?
(IAPP, August 2021)
EU warns UK could lose adequacy by drifting away from GDPR
(IAPP, August 2021)
EDPB outlines DPA resourcing, enforcement actions
(IAPP, August 2021)
European Health Data Space: Repairing the trans-Atlantic data relationship through biotech R & D
(IAPP, July 2021)
FPF: Regulatory Strategies of European Data Protection Authorities
(Future of Privacy Forum, July 2021)
Insights into the Future of Data Protection Enforcement: Regulatory Strategies of European Data Protection Authorities for 2021-2022
(The Future of Privacy Forum, July 2021)
Commentary on Dutch DPA’s fine for not appointing an EU representative
(IAPP, July 2021)
The CJEU did not rescind the one-stop shop. Quite the opposite.
(IAPP, July 2021)
EDPB one-stop shop leaflet
(EDPB, June 2021)
Web Conference: Talks for DPOs by Dutch DPOs
(IAPP, June 2021)
LinkedIn Live: ‘EDPB’s New Recommendations for Post-‘Schrems II’ Data Transfers’
(IAPP, June 2021)
EDPB rapporteur details board’s supplementary measures
(IAPP, June 2021)
EU adequacy decision for South Korea
(IAPP, June 2021)
EDPB’s data transfer recommendations adopt a risk-based approach with teeth
(IAPP, June 2021)
Top-10 do’s and don’ts for service providers implementing the new SCCs with EU customers
(IAPP, June 2021)
LinkedIn Live: ‘EU Digital Strategy: A holistic vision for a digital Europe?’
(IAPP, June 2021)
EDPS Factsheet – Data protection audits explained
(EDPS, June 2021)
Digital wallet unveiled in EU
(IAPP, June 2021)
European Commission adopts UK adequacy decisions
(IAPP, June 2021)
EPDS Infographic — Personal Data Breaches in a Nutshell
(EDPS, May 2021)
CoE, Parliament reach provisional deal on COVID-19 certificates
(IAPP, May 2021)
What’s behind the EU’s new Cloud Code of Conduct?
(IAPP, May 2021)
EPRS: EU-UK private-sector data flows after Brexit
(EPRS, April 2021)
New urgency about data localization with Portuguese decision
(IAPP, April 2021)
How to know you are a ‘data intermediary’ under the Data Governance Act
(IAPP, April 2021)
EU grappling with potential one-stop-shop reform
(IAPP, April 2021)
Why the EU’s AI regulation is a groundbreaking proposal
(IAPP, April 2021)
A look at what’s in the EU’s newly proposed regulation on AI
(IAPP, April 2021)
EDPB adopts data transfer statement, publishes GDPR guidance
(IAPP, April 2021)
Facebook breach draws EU ‘mass action’ lawsuit
(IAPP, April 2021)
EDPB publishes opinions on UK draft adequacy decision
(IAPP, April 2021)
Web Conference: Monitoring Employees’ Health & Activities Outside Work in Germany, Poland and UK
(IAPP, February 2021)
Why the EDPB should avoid torpedoing BCRs for processors
(IAPP, April 2021)
NIS representation in the EU and UK — Was the March 31 deadline a turning point?
(IAPP, April 2021)
LinkedIn Live: ‘Data Transfers from the EU: Will derogations save the day?’
(IAPP, March 2021)
Why this French court decision has far-reaching consequences for many businesses
(IAPP, March 2021)
Federal Constitutional Court: CJEU must clarify whether GDPR provides materiality threshold
(IAPP, February 2021)
GDPR representatives in EU and UK after Brexit
(IAPP, February 2021)
European Commission releases draft UK adequacy decisions
(IAPP, February 2021)
Data transfers: Questions and answers abound, yet solutions elude
(IAPP, February 2021)
Croatian DPA shutters website: Protection of personal data or violation of freedom of speech?
(IAPP, February 2021)
EU Council ambassadors agree to negotiating position on ePrivacy Regulation
(IAPP, February 2021)
EDPS Infographic — EDPS Enforcement Powers
(EDPS, January 2021)
Government leaders discuss state of play for UK adequacy, data transfers
(IAPP, January 2021)
Comparing EU regulatory norms with incident reporting obligations
(IAPP, January 2021)
How does GDPR apply to clinical trial sponsors outside EEA? Views of EEA DPAs
(IAPP, January 2021)
Hard data localization may be coming to the EU — Here are 5 concerns
(IAPP, January 2021)
CJEU’s advocate general: One-stop shop means one-stop shop
(IAPP, January 2021)
CJEU opinion clarifies cross-border enforcement scenarios
(IAPP, January 2021)
UK, EU reach interim data flow agreement
(IAPP, January 2021)
LinkedIn Live: ‘Ask the Expert: How to Run a Global Privacy Program out of the EU’
(IAPP, December 2020)
Proposal for an EU Data Governance Act — a first analysis
(IAPP, December 2020)
How US, EU approach regulating ‘dark patterns’
(IAPP, December 2020)
ENISA Report — Guidelines for securing the IoT
(European Union Agency for Cybersecurity, November 2020)
European Commission: Recommendations for a safe and ethical transition towards driverless mobility
(European Commission, September 2020)
Frequently Asked Questions & Resources on ‘Schrems II’
(IAPP, August 2020)
DPA and government guidance on ‘Schrems II’
(IAPP, July 2020)
ENISA strategy: A trusted and cyber-secure Europe
(European Union Agency for Cybersecurity, July 2020)
White Paper – DPAs on the Ground
(IAPP, May 2020)
The GDPR at Two: Expert Perspectives
(IAPP, May 2020)
White Paper – GDPR at One Year: What We Heard from Leading European Regulators
(IAPP, August 2019)
View More Resources

Regional Resources

Click below to navigate to resources by region.

Albania, AustriaBelarus, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Georgia, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, MaltaNetherlands, North Macedonia, Norway, Poland, Portugal, RomaniaSerbia, Slovakia, Slovenia, Spain, Sweden, SwitzerlandUkraine, United Kingdom, Vatican City





View More Resources




View More Resources

View More Resources



View More Resources


View More Resources




View More Resources

View More Resources





View More Resources


View More Resources







View More Resources



View More Resources

United Kingdom Topic Page in IAPP Resource Center
On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to privacy in the United Kingdom.
Click To View