GDPR in workplace disputes: access, evidence and enforcement
By Sypher | Published in News - June 22, 2026
Welcome to #SypherPrivacyTalks - your data protection, governance and compliance weekly roundup. Bringing you the top stories of the week.
GDPR right of access in employment disputes: a growing dilemma for employers
☝️ Employers face mounting risk as Article 15 GDPR requests double as discovery tools, requiring meticulous, document‑level assessments to avoid complaints, over‑disclosure or weakened legal positions… read more
👉 Related: EU court weighs GDPR and digital evidence in employment dispute
Amadeus IT Group receives €18m GDPR fine
insideprivacy.com • 4 min read
💶 Spain’s data protection agency AEPD has issued an €18 million fine against Amadeus for repurposing passenger name record data without transparency. This shows how easily legitimate interest collapses when reasonable expectations are misjudged… read more
👉 Related: Altex Romania, new €10,000 GDPR fine (article in Romanian)
Nearly one in three compliance professionals cannot confirm their risk assessments are current
vinciworks.com/blog • 4 min read
💡 Eight years on from GDPR, over half of organisations cannot confirm that their risk assessments are up to date, and basic risk reviews and training are lagging dangerously behind. This is all in the context of AI governance becoming the dominant compliance challenge… read more
EDPB common template for breach notifications – welcome alignment or further complexity?
📜 The EDPB’s draft EU‑wide breach notification template promises long‑awaited alignment but introduces far more granular reporting that may increase operational complexity. The template’s up for public consultation until 5 August 2026. After this, the EDPB will decide on the timeline and approach for implementation by Data Protection Authorities… read more
ICO guidance on IoT: What you need to know
lewissilkin.com/insights • 6 min read
🤖 The UK ICO’s new Internet of Things guidance warns that “genuine transparency is more than a privacy notice”, setting strict expectations for consent, DPIAs and privacy‑by‑design across connected consumer products. This makes privacy a product‑architecture issue… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
