PrivacySignal
GDPR / Intl

EU Member States (and Google) suddenly want to keep cookie banners!

noyb (None of Your Business) · · EU · GDPR & International

The European Commission proposed replacing cookie consent banners with automated browser-based signals as part of its Digital Omnibus simplification package. However, Google and several EU member states, including Germany and France, have pushed back against the change, apparently preferring the current banner system.

Why this matters: Cookie banners were never really about you. They were about giving companies a paper trail showing you 'consented' to being tracked. Automated signals would shift that control back to the browser, away from the banner designed to wear you down until you click accept. Google and big ad-dependent businesses have obvious reasons to resist that. The more interesting story is that EU governments loudly calling for less regulation are also fighting to keep a system that mostly benefits data collectors, not people.

Who should care: Lawyers · Privacy officers · AI governance · Compliance · General readers · Policy

This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.

Related stories

GDPR / Intl
EDPB · · EU

EDPB and AMLA to develop Joint Guidelines on partnerships for information sharing

The European Data Protection Board and the newly established Anti-Money Laundering Authority have announced a joint effort to develop guidelines on how financial institutions can share customer information to fight money laundering and terrorist financing without violating data protection rules. The collaboration stems from an explicit provision in the EU's AML Regulation allowing such information exchanges.

Who should care: Lawyers · Privacy officers · AI governance · Compliance

#gdpr#regulation Read original →
GDPR / Intl
noyb (None of Your Business) · · EU

US Supreme Court just blew up EU-US Data Transfers

Data Transfers On Monday, the US Supreme Court decided in Trump v. Slaughter that the US Federal Trade Commission (“FTC”) may not be independent anymore. Since 2000, the EU has relied on the “independent” FTC as the enforcer of EU-US deals on personal data. According to EU treaty law, such oversight must be independent. In the current EU-US deal, the European Commission relies on the independent FTC 259 (!) times. Max Schrems: “Given that there are no independent authorities in the US anymore, we call on the European Commission to orderly withdraw the adequacy decision on the US.” Commission…

Who should care: Lawyers · Privacy officers · AI governance

GDPR / Intl
M Maryland Association of Counties · · International

Attorney General Releases Guidance on Community Trust and Data Privacy Acts

A state Attorney General has released formal guidance on laws governing community trust and data privacy, providing direction to counties on how to interpret and apply both statutes. The guidance appears aimed at helping local governments align their practices with the requirements of the acts.

Who should care: Lawyers · Privacy officers · Compliance

#state-privacy#regulation Read original →
GDPR / Intl
CNIL · · EU / France

Emerging technologies and the protection of children: G7 data protection authorities agree on key principles

Data protection authorities from G7 nations have jointly adopted a set of principles addressing how emerging technologies should handle children's data and safeguard minors online. The agreement signals coordinated regulatory intent across major democracies to hold technology developers to higher standards when children are involved.

Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy

#gdpr#privacy Read original →
GDPR / Intl
DataBreaches.net · · International

UK: ICO statement on ‘Edtech examined’ report

The UK Information Commissioner's Office has published a report summarizing findings from its audits of educational technology providers, outlining how those companies handle personal data and where improvements were identified or made.

Who should care: Lawyers · Privacy officers · AI governance · General readers · Policy

#gdpr#privacy Read original →