The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) already agree that a European Commission-proposed change to the definition of personal data in the digital omnibus "seems to go further than the recent CJEU [Court of Justice of the EU] case law, and beyond a targeted modification of the GDPR," the EDPB said Thursday.

The U.K. Office of Communications fined porn site operator AVS Group 1 million pounds ($1.3 million) for its lack of strong age checks, plus another 50,000 pounds ($66,000) for failing to respond to the regulator's information request, it said Thursday. An operator of 18 adult sites, AVS faces a daily penalty of 300 pounds ($400) from today "until it responds or for 60 days, whichever is sooner," Ofcom added.

The European Data Protection Board (EDPB) met Tuesday for a second time with data protection commissioners and DPAs from countries and the European Patent organization, all of which have been determined to have adequate data protection practices, it said Wednesday. During the online session, they shared views on past activities and updates on the next enforcement and advisory priorities, it said.

The French subsidiary of American Express breached cookie rules, said the country's privacy regulator, CNIL, on Wednesday as it fined the company 1.5 million euros ($1.7 million).

Before publishing an ad on their platforms, online marketplace owners are responsible for ensuring that an advertiser is the actual person whose sensitive information appears in an ad or that the advertiser has the express consent of that person, the European Court of Justice (ECJ) said Tuesday (Case C-492/23, Russmedia Digital and Inform Media Press).

French privacy regulator CNIL and public financial institution Deposits and Consignments Fund (Caisse des Depots) announced an agreement Monday to boost cooperation on the responsible use of personal data protection and AI within the Caisse.

The U.K. ICO will begin monitoring 10 popular mobile games played by children, it said Monday. The review will assess the games' compliance with default privacy settings, their geolocation controls and their targeted advertising practices, as well as any other privacy issues identified.

The European Commission's proposed digital omnibus, including possible changes to the GDPR, is on the European Data Protection Board's plenary agenda for Wednesday. The discussion will focus on the proposal itself and the board's contribution to it.

Parents shouldn't post photos and videos of children on social media ("sharenting"), French DPA CNIL and Italian watchdog Garante said this week.

The EU must protect kids online better than it does now, the European Parliament said in an own-initiative resolution approved Wednesday. Among other things, lawmakers said, the EU should prevent children from accessing social media before the age of 16 (13 if they have parental consent), and require better age-assurance mechanisms.