class="img-responsive

Puls April 1, 2026

PodcastSmart Data Pulse

March 27, 2026

class="img-responsive

Judgments

META Damages (Higher Regional Court of Jena)

https://gerichte.thueringen.de/aktuelles/presseinformationen/detailseite/meta-konzern-zu-schadensersatz-verurteilt-az-3-u-31-25
Meta was ordered to pay damages for tracking practices that violated data protection laws. The court found that the use of tracking tools without valid consent constituted a clear violation of the GDPR.

  • Use of tracking tools without valid consent, even for non-users
  • Violation of key GDPR principles, in particular transparency and data minimization

Diagnostic Data: Limits for Insurers (Federal Administrative Court)

https://www.bverwg.de/pm/2026/16
The Federal Administrative Court has clarified that private health insurers may not use diagnostic data from invoices for their own analyses without consent. Even if the processing of health data is permitted, this fails in this case due to the lack of a legal basis in the specific instance.

  • The use of sensitive health data for supplementary or preventive purposes without consent is prohibited
  • The interests of the insured take precedence over the insurer's economic interests

Right to information: No free pass for abuse (ECJ)

https://rsw.beck.de/aktuell/daily/meldung/detail/eugh-C52624-ds-gvo-versto%C3%9F-auskunftsanspruch-missbrauch-schadensersatz
The ECJ clarifies that the right of access under Article 15 of the GDPR must not be exercised in an abusive manner. If it is used for purposes other than those intended, this may preclude claims for damages.

  • The right to access information serves the purpose of data protection, not the pursuit of unrelated objectives
  • Abuse may result in the loss of claims (e.g., for damages)

Fines and government agencies

Microsoft 365 & Cookies Prohibited in School Settings (Austrian Data Protection Authority)

https://noyb.eu
The Austrian Data Protection Authority has objected to the use of Microsoft 365 Education in conjunction with non-essential cookies in a school setting. Of particular note: The case was brought by noyb on behalf of a minor.

  • Use of non-essential cookies in educational settings deemed impermissible
  • The sensitive nature of the context (children) complicates the assessment under data protection law

Focus on Transparency Requirements: Audit of Recruitment Agencies (Brandenburg)

https://www.lda.brandenburg.de/lda/de/service/presseinformationen/details-presse/~19-03-2026-audit-on-transparency-requirements-with-a-focus-on-recruitment-agencies
The Brandenburg Data Protection Authority is launching an audit on transparency requirements with a focus on recruitment agencies. The goal is to verify whether information obligations toward data subjects are being properly fulfilled.

  • Focus on Articles 13 and 14 of the GDPR in Practice
  • Recruiters are under particular scrutiny by regulators

Data Protection at a Glance: Bavaria's Annual Report Published

https://www.lda.bayern.de/de/taetigkeitsberichte.html

The Bavarian State Office for Data Protection Supervision has published its latest annual report. The report provides insights into the office’s priorities, audits, and trends in supervisory practice.

  • Overview of current issues and common violations

Laws and News

IP Addresses: New Political Initiative (Merz)

https://rsw.beck.de/aktuell/daily/meldung/detail/merz–gesetzentwurf-ip-adressen
A new legislative proposal aims to revise the regulations governing the use of IP addresses. The focus is on whether, and under what conditions, IP addresses may be used more extensively for security purposes in the future.

  • The tension between security interests and data protection
  • Possible relaxation of existing data protection limits

Data Protection Education: Focus on Children and Adolescents (BfDI)

https://www.bfdi.bund.de/DE/Service/Publikationen/Unterrichtsmaterial/Unterrichtsmaterial-node.html
The BfDI provides educational materials on data protection for children and young people. The goal is to foster an early awareness of how to handle personal data.

  • Raising awareness of data protection as early as in school
  • Practical resources for teachers and educational institutions

DSK Calls for Changes: “Digital Fitness Check”

https://www.baden-wuerttemberg.datenschutz.de/digital-fitness-check-dsk-schlaegt-anpassungen-vor/
As part of a “Digital Fitness Check,” the German Data Protection Conference is calling for targeted adjustments to data protection law. The goal is to strengthen the rights of data subjects while at the same time providing practical relief for businesses.

  • Greater accountability for manufacturers and platforms
  • Reducing the burden on SMEs through clearer and more practical guidelines

Discover more podcasts

class="img-responsive
class="img-responsive
class="img-responsive
class="img-responsive

Overview

legal data

legal data Schröder Rechtsanwaltsgesellschaft mbH

27 Maximilian Street

80539 Munich

©2026

legal data Schröder Rechtsanwaltsgesellschaft mbH

to the top