From biometric fines to Meta’s chronological feeds and GRC certifications
By Sypher | Published in News - March 16, 2026
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
Spain’s AEPD fines Yoti $1.1M for biometric data handling violations
biometricupdate.com • 4 min read
👁️ Spain’s Data Protection Agency has fined UK digital identity provider Yoti €950,000 for unlawfully processing biometric data, highlighting ongoing tensions around consent, retention and the use of facial biometrics for digital identity verification… read more
Related: A company was issued a warning by the Romanian data protection authority for attempting to install a facial recognition system for employees in its offices… read more (article in Romanian)
A look back at sanctions imposed for breaches of data protection regulations in 2025
lexology.com & filipandcompany.com • 3 min read
💶 New figures from the Romanian National Supervisory Authority for personal data processing show an increase in enforcement activity in 2025, with more investigations and over €500,000 in GDPR-related fines, largely driven by security failures, unlawful monitoring, and weak consent practices… read more (version in Romanian here)
Court of Justice of the EU confirms judicial review of EDPB binding decisions
⚖️ The Court of Justice of the European Union ruled that companies can challenge the decisions of the European Data Protection Board before the final ruling of their national authority, thus opening the door to dual-track litigation in the enforcement of the GDPR… read more
Dutch court raises penalties on Meta if non-profiling feeds don’t stick
🧑⚖️ A Dutch court has upheld a ruling that requires Meta Platforms Inc. to provide chronological feeds to Facebook and Instagram users in the Netherlands, in order to ensure transparency and compliance with the EU Digital Services Act… read more
Top 12 governance, risk, and compliance certifications
🎓 As the scope of governance, risk and compliance roles grows, certifications are becoming an essential credential for professionals responsible for managing enterprise risk, cybersecurity and regulatory compliance… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
