EDPO (European Data Protection Office)

👋 Welcome to EDPO’s LinkedIn Page! We may sound like a European institution, but EDPO is a private company dedicated to helping non-EU businesses comply with the GDPR by acting as their representative in Europe under Article 27. Here’s what you’ll find on this page: 📢 The latest impactful news on data protection, including new developments, trends, and global updates. 🤖 Insights into how AI is transforming the data protection landscape. 🌍 Expert commentary and resources to help businesses navigate data compliance and build trust. Every day, our team curates the most relevant news and shares it with you. If you're passionate about data protection, AI, and staying ahead of global trends, hit that follow button and join the conversation! #GDPR #DataProtection #Compliance #DataPrivacy #EDPO

“A group of U.S. senators on the Senate Select Committee on Intelligence sent a letter Wednesday to the White House raising alarms about potential privacy and national security risks posed by the recently created Department of Government Efficiency. The letter, which was sent to White House Chief of Staff Susie Wiles and signed by Committee Chair Mark Warner, D-Va., and Sens. Ron Wyden, D-Ore., Martin Heinrich, D-Minn., Angus King, I-Maine, Michael Bennett, D-Colo., Kirsten Gillibrand, D-N.Y., Jon Ossoff, D-Ga.., and Mark Kelly, D-Ariz., states they have ‘grave concern’ about DOGE's actions, ‘which risk exposure of classified and other sensitive information that jeopardizes national security and violates Americans' privacy.’” #Privacy #GDPR #dataprotection #DOGE #USSenate #PrivacyRisks   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/eV5yDG7m

Need to navigate Art 27 of the GDPR, Art 13 of the DSA , Art 26(3) of NIS 2, or the upcoming AI ACT? EDPO bridges the gap—so you don’t have to. Contact us and simplify EU compliance today.

“As part of its overarching Cybersecurity Strategy, the EU has rolled out two significant frameworks to promote and strengthen cybersecurity standards within the EU marketplace: the Network and Information Security Directive II and the Cyber Resilience Act. According to the European Commission, the CRA is intended to complement the NIS2 cybersecurity framework and is part of a broader "series of comprehensive measures" being deployed in the EU to enhance cybersecurity standards.” #Privacy #GDPR #dataprotection #NIS2 #CyberSecurity    Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/dx79Td4E

“A cybersecurity firm has found an errant public-facing DeepSeek database full of lines that appear to include chat history, among other sensitive internal elements. Though the researchers ethically disclosed the database leak to DeepSeek and it was closed up before being made public, their report notes that it was so easy to find that there is a good chance others were able to get to it first. […] The database leak appears to be a misconfiguration of a ClickHouse repository to allow for unauthorized HTTP access via arbitrary SQL queries. The issue was discovered via scanning by the cybersecurity firm Wiz, who said that attackers could have taken full control over database operations but that there is no other clear sign of abuse at this time.” #Privacy #GDPR #dataprotection #DeepSeel #DataLeak    Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/djgTvT_6

“As part of his broad housecleaning amongst federal officials and employees, Donald Trump has removed three Democrat-affiliated members of the Privacy and Civil Liberties Oversight Board (PCLOB). That could send EU-US data transfers back into chaos after things had finally seemed to stabilize with the 2023 EU-US Data Privacy Framework, though the privacy board does remain intact. The European Commission has not committed to any actions yet, but has said it is monitoring the situation and will “respond appropriately.” The 2023 agreement allowed the US to once again join the ranks of trusted EU data partners after years of legal challenges upended prior agreements, and the door would be open for those challenges to return if the board is determined to have been rendered ineffective.” #Privacy #GDPR #dataprotection #EUUS #DataTransfer #DataPrivacyFramework    Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/egFBUA-R

“DeepSeek, the Chinese AI company, is raising the ire of regulators around the world. DeepSeek’s viral AI models and chatbot apps have been banned by a growing number of countries and government bodies, which have expressed concerns over DeepSeek’s ethics, privacy, and security practices. Corporations have banned DeepSeek, too — by the hundreds. The biggest worry reportedly is potential data leakage to the Chinese government. According to DeepSeek’s privacy policy, the company stores all user data in China, where local laws mandate organizations to share data with intelligence officials upon request. As the list of regions where DeepSeek’s apps are no longer available grows, we’ll continue updating this roundup. Also included: the public sector departments that have prohibited DeepSeek tech.” #Privacy #GDPR #dataprotection #DeepSeek #AIBan #ChineseAICompany    Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/drt_z7hd

“Paying LinkedIn subscribers may have been spooked by a recently-filed lawsuit that indicated the “Premium” subscription was not necessarily guaranteeing that their private messages stayed private. In certain countries, generally those without strong data privacy laws at the national level, the company was accused of training AI models with private InMail messages that may have also been provided to third parties. However, that suit has now been dismissed as LinkedIn has presented evidence that it did not use these messages for AI training. The suit was filed in California and noted that while customers in a number of countries were automatically exempted from having their data put toward training AI models, US users had their content and messaging (including private messages) included by default. A setting then had to be manually toggled off to prevent data sharing, but the description of the setting did not indicate that InMail private messages would be included.” #Privacy #GDPR #dataprotection #LinkedInAI #AITraining    Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/eNXa3Ca8

Last Week in Insights! Stay informed with our recap of last week’s key updates in data protection and tech regulation. Save this post for later or share it with your network! Let us know which news caught your attention in the comments! 👇 1/ Hackers exploit Google Ads in a major malvertising campaign. 🔗 https://lnkd.in/e9zCitbW 2/ Only 1.3% of cases before EU data protection authorities result in fines. 🔗 https://lnkd.in/eukJcuqR 3/ DeepSeek AI disrupts the AI sector with low-cost, high-performance models. 🔗 https://lnkd.in/gGe3sz4p 4/ Ireland and Italy demand answers from DeepSeek on data privacy concerns. 🔗 https://lnkd.in/g-M28B3J 5/ EU lacks clear guidance on banned AI systems as AI Act rules take effect. 🔗 https://lnkd.in/ezcgrWUn 6/ Italy’s regulator blocks Chinese AI app DeepSeek over data protection risks. 🔗 https://lnkd.in/eF4MGe2c

“As of Sunday in the European Union, the bloc’s regulators can ban the use of AI systems they deem to pose ‘unacceptable risk’ or harm. February 2 is the first compliance deadline for the EU’s AI Act, the comprehensive AI regulatory framework that the European Parliament finally approved last March after years of development. The act officially went into force August 1; what’s now following is the first of the compliance deadlines. The specifics are set out in Article 5, but broadly, the Act is designed to cover a myriad of use cases where AI might appear and interact with individuals, from consumer applications through to physical environments.” #Privacy #GDPR #dataprotection #AIAct #EULegislation #AIBan   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/gMN-Gz7D