Key Takeaways from Summer 2025’s Data Privacy Developments
ON TOP OF DATA PRIVACY
Now that the summer of 2025 is nearing its end – what has happened in the realm of data privacy? Perhaps most notably, it has been a quiet summer without any major events or controversies. Still, worthy of note is:
EU Finalises General-Purpose AI Code of Practice
The GPAI, EU’s The General-Purpose AI Code of Practice was finalised in early July. This voluntary Code takes aim at Transparency and Copy Right compliance when developing such models. Provisions on Safety and Security is only relevant to the small number of providers of the most advanced models. Politically controversial, AI developers are divided on whether this Code hinders or enhances competitiveness.
EDPB Endorses GDPR Amendment
The European Data Protection Board (EDPB) and The European Data Protection Supervisor (EDPS) gave their blessing to the EU Commission’s proposed amended of the GDPR for the purpose of simplification of the record keeping obligation for small and mid-cap enterprises. For a deep dive of this proposed amendment, our analysis is available here.
On the Horizon
The European Court of Justice (ECJ) upcoming judgement in SRB v. EDPS is expected by 5 September. The core question is whether the disclosure of pseudonymized data to third parties is a disclosure of personal data – i.e. does the data retain its properties as “personal data” if the key to re-identify the data subject is not shared?
On Top of Data Privacy
On September 16, we will unveil the On Top of Data Privacy Q3. In an easily digestible 15 minutes video podcast, we will provide you with a summary of key events during the past quarter.
To learn what happened during Q2, please click here.
