The European Data Protection Board is simplifying one of the more complex corners of the General Data Protection Regulation, adopting a new template designed to bring greater consistency and clarity to Data Protection Impact Assessments across Europe.
Booking.com has confirmed that hackers may have accessed customer booking data, after notifications sent to users began circulating online, first drawing wider attention through posts on Reddit.
As artificial intelligence quietly becomes part of daily routines, from recommendation engines to automated decision-making tools, regulators are starting to speak less like rulemakers and more like translators. On April 13, 2026, a data protection authority published “The Impact of Artificial Intelligence (AI) on Privacy,” the first installment in a new “AI & Data Protection” series aimed not at compliance teams, but at the people actually using these systems every day.
Europe’s data protection authorities issued more than €1.145 billion in fines in 2025, reinforcing a steady trend of high-value GDPR enforcement driven largely by the bloc’s biggest regulators, according to the European Data Protection Board’s latest annual report.
There is a date that does not yet appear on any calendar. Cybersecurity experts refer to it as Q-Day, the moment when a quantum computer becomes capable of breaking the encryption that protects nearly all sensitive digital communications worldwide. No one knows the precise timing. Estimates vary from a few years to possibly a decade or more.
Poland’s financial sector is becoming more digital, more interconnected, and, as a result, more exposed. That’s what the 2025 cybersecurity report says, published by CSIRT KNF, which outlines a threat landscape that is not only growing, but shifting in ways that make it harder to contain.
There’s a quiet recalibration happening inside Europe’s data protection regime. It’s not a rollback of rules, and it’s not a loosening of standards. But in its 2025 annual report, Denmark's Data Protection Authority (Datatilsynet) offers a window into something more subtle. Regulators are starting to acknowledge what many organizations have been grappling with for years. Compliance, as written, doesn’t always translate cleanly into practice.