Although gender identity does not constitute sensitive data under the GDPR, its legal protection is nevertheless very robustly designed. Companies that choose to disregard it may face claims for damages and fines.

The fifth anniversary of the General Data Protection Regulation (GDPR) in Croatia has ushered in an unforeseen and substantial transformation in the sphere of data protection. This notable shift is characterized by a surge in enforcement actions led by the Croatian data privacy watchdog, commonly known as the Personal Data Protection Agency (DPA – in Croatian AZOP). In stark contrast to the relatively quiet initial three years following the enactment of the GDPR (2018-2021) in Croatia, 2023 has become a turning point, witnessing a seismic shift in Croatian data protection enforcement.

With artificial intelligence dominating tech conversations over the last year and with a draft AI Act being looked at by the EU, CMS Partners Dora Petranyi, Gabriela Staber, Klaus Pateter, and Olga Belyakova look at where AI is today and how European legislation might impact its future.

Recently, in the legal framework of Moldova was proposed a project regarding the modification of Standard Contractual Clauses (“SCCs”) for cross-border transmission of personal data that is meant to give a good refresh to the current regulation and ensure a better harmonization with the GDPR.

After spending one year as an Associate Partner with Walless, Zane Bormane has rejoined Triniti in Latvia as a Partner in December 2023.

In January 2023, a new directive on measures to ensure a high common level of cybersecurity in the Union (the "NIS 2 Directive") entered into force, and is to be transposed by 17 October 2024.