Blog

The European Commission and the European Data Protection Board (EDPB) are preparing guidelines on the interplay of the Digital Markets Act with the EU’s main privacy law - the General Data Protection Regulation (the GDPR).

I joined Eric Seufert again on the Mobile Dev Memo podcast to talk about the European Commission’s newly unveiled “digital omnibus” package and what it means for the GDPR, AI, cookies, and the broader competitiveness debate in Europe.

“Europe is so back. No more cookie banners.” Alas, no. Cookie banners are staying. But the banner is just an irritating symbol of the fact that European politicians can’t quite muster the will to do the hard things we need.

OpenAI’s Sam Altman has been publicly floating the idea of “AI privilege,” a form of legal confidentiality to protect interactions between users and AIs. According to Altman: “We should apply as much protection as when you talk to … your human doctor or your human lawyer, as you do when you talk to your AI doctor or AI lawyer.

I’ve been arguing that the EU’s data protection law—the GDPR—needs to be reformed, mostly due to the absolutist approach taken to its interpretation by the data protection authorities. Even a year ago this may have seemed far-fetched.

Meta announced today the introduction of a cheaper and simpler than in the EU version of “pay or consent” (subscription for no ads) for Facebook and Instagram for UK users. This follows Meta’s discussions with the UK Information Commissioner’s Office (ICO), which issued a guardedly positive statement about the development.

Apple has issued a sharply critical statement regarding the impact of the EU Digital Markets Act (DMA) and its impact on Apple products in the EU. The company says EU users will see delays to features such as AirPods’ live translation and iPhone Mirroring on macOS.

In a new webinar convened by Oles Andriychuk (University of Exeter), I debated two competition law scholars (Simonetta Vezzoso, University of Trento, and Marco Botta, European University Institute) on the topic of the EU Commission’s DMA enforcement decision against Meta (“pay or consent”).

Much has been said about the so-called “Brussels Effect”—that is, the European Union’s animating conceit that its mission is to make rules for the entire world. Without irony, the EU has embraced the meme that others innovate, while the EU regulates.

Over the past two weeks, the European Commission held a second round of public workshops with the designated “gatekeeper” companies Alphabet, Amazon, Apple, Bytedance, Meta, and Microsoft. Having analyzed the first round in April 2024 from a privacy and security perspective, I now examine what happened in Brussels during these follow-up sessions.