On Top of Data Privacy
On Top of Data Privacy proactively monitors and reports on key developments, incidents and news in the data privacy arena.
With timely updates and strategic insights, we help you stay ahead, ensure compliance and strengthen sustainable privacy practices.
Insights that Keep You Ahead, Compliant and Future-Ready
- Stay ahead with timely updates and insights
- Ensure compliance through clear guidance
- Strengthen privacy practices for long-term sustainability
Episode Q4 (2025)
The Must-Know Takeaways
EDPB Announces 2026 CEF Focus: Transparency
The European Data Protection Board (EDPB) has selected transparency and information obligations as its 2026 Coordinated Enforcement theme. Authorities will review how organisations meet these duties, for example, whether privacy notices and related disclosures clearly explain what data is collected, how it is obtained, and how it is used.
New Rules for Cross-Border GDPR Enforcement
The European Parliament has adopted new rules to make cross-border GDPR enforcement faster and more predictable. The framework introduces fixed deadlines (12–15 months), clearer cooperation mechanisms among authorities, and strengthened procedural rights for both complainants and organisations. Following EU Council approval, a 15-month implementation period will apply.
The Interplay Between GDPR and Emerging Digital Laws
With the Digital Services Act (DSA), Digital Markets Act (DMA) and AI Act now in force or nearing implementation, understanding how these frameworks interact with the GDPR is increasingly important. The EDPB is developing guidelines to clarify overlaps, starting with the DMA and DSA, to promote a coherent and consistent approach to compliance across the EU’s digital regulatory landscape. Guidance for the AI Act is also expected to follow.
Deep Dive: The Rise of Nordic Data Leaks
Recent large-scale incidents — such as those involving S-Bank in Finland and Miljödata in Sweden — highlight a growing trend of cyber and data breaches. These cases emphasise the need for stronger integration between privacy and security functions, reduced data footprints, and continuous employee awareness initiatives to mitigate both likelihood and impact.
On the Horizon: EU Plans to Extend UK Data Adequacy
The European Commission plans to extend the UK’s adequacy decision until 2031, allowing continued EU-UK data transfers without additional safeguards. The EDPB has issued an opinion outlining areas requiring further analysis and ongoing oversight before a final decision is reached.
Episode Q3 (2025)
The Must-Know Takeaways
We have summarised the highlights from On Top of Data Privacy Q3.
General Court Confirms EU–US Data Privacy Framework
The General Court upheld the EU–US Data Privacy Framework by dismissing a request to overturn the adequacy decision. As a result, the framework remains in force.
The Voluntary Code of Practice Finalised for General Purpose AI Models
Meanwhile, the voluntary Code of Practice for general-purpose AI models has been finalised. Introduced in July, it applies to AI model developers and providers, focusing on transparency, IP and, where relevant, security and safety. In doing so, it supports compliance with the upcoming AI Act.
EDPB and EDPS Back Easing of GDPR Recordkeeping Duties
The joint opinion supports the EU Commission’s proposal to simplify Article 30 record-keeping obligations for small and medium-sized enterprises.
Swedish Court Clarifies Data Protection Authority’s Duty on Complaints
The Court of Appeal in Stockholm ruled that the authority is not obliged to launch formal investigations into every complaint, requiring only appropriate due diligence.
EU Court of Justice Rules on Pseudonymised Data Disclosure
Additionally, in the SRB vs EDPS case, the Court of Justice of the EU clarified that sharing pseudonymised data with another controller does not always constitute disclosure of personal data.
Sweden to Decide Supervisory Authority for AI Act by September
An upcoming report will clarify supplementary legislation and designate Sweden’s supervisory authority for the AI Act, likely the telecom authority, following the Nordic trend of expanded digital oversight.
Related Data Privacy Articles
AI Act | Why AI Literacy is Essential
This article explains how AI literacy is defined, its purpose, and where regulatory accountability lies.
EU's Proposed GDPR Reforms
The EU’s swift proposal to reform aspects of the GDPR has raised questions across the compliance landscape. Are we seeing meaningful change or merely a strategic signal?

Our Expertise
Our Data Privacy team combines hands-on project experience with acting as DPOs for leading financial and non-financial institutions.