Data Protection
g-digital, Garrigues’ digital business division, rounds off 2025 with new digital trust products and increases its eIDAS offering
With solutions designed to be integrated into all types of real-world client processes (evidence, signature, storage and certified notifications), it is gearing up for a 2026 marked by the entry into force of the European Digital Identity (EUDI) Wallet and the new compliance challenges faced by businessesData Economy, Privacy and Cybersecurity Newsletter - February 2026
In this newsletter, we offer the latest updates on everything related to the data economy, privacy, and cybersecurity. We cover the most recent rulings from relevant authorities and agencies, key court decisions, and the most important news in this field.EU pushes for a profound reshaping of the digital economy in 2026 with proposed changes to legislation governing AI, data and platforms
2026 brings a raft of reforms that will redefine AI, privacy and digital markets in the EU. The regulatory agenda is shifting towards greater transparency, greater oversight and new obligations for platforms, technology providers and companies that process data or rely on digital services. It will be a pivotal year in terms of anticipating risks, adapting processes and strengthening corporate digital strategies.New guidance on vehicle data and the Data Act: challenges and opportunities
The European Commission has published the first guidelines clarifying how the obligations of the Data Act apply to connected vehicles. The document provides guidance for manufacturers, providers and users on access to, and use and transmission of, the data generated by vehicles, paving the way to a new stage in automotive data governance and the structure of future business models based on digital mobility.Is pseudonymized data personal data? Key points following the European Court of Justice's judgment in the EDPS v SRB case
The judgment delivered by the European Court of Justice (CJEU) on September 4, 2025 in the EDPS v SRB case (case C 413/23 P) is an important landmark in the field of data protection, because it deals with the concept of “personal data” which is at the heart of the practice.Comparison of the transposition of NIS II by Portugal with that planned in Spain
In July 2025, the Portuguese government resumed the process of transposing Directive (EU) 2022/2555 (NIS2) by presenting Bill no 7/XVII/1 Below we compare this transposition with the Spanish bill, examining the areas of application that are subject and exempt in each case, as well as the planned penalty system.Data Economy, Privacy and Cybersecurity Newsletter - November 2025
In this newsletter, we offer the latest updates on everything related to the data economy, privacy, and cybersecurity. We cover the most recent rulings from relevant authorities and agencies, key court decisions, and the most important news in this field.Traveler registration: Is it legal to ask for a photocopy of a guest’s ID card or passport at the check-in desk of a hotel?
There is some uncertainty in the hotel industry over whether photocopies of ID cards or passports can or should be stored as proof of compliance with the obligations in Royal Decree 933/2021 on traveler registration. In this article we take a detailed look at what the legislation says and what guidance the AEPD has given on this subject.Data protection evolving regulation in Latin America and their impact on labor relations
The protection of personal data has become especially relevant in the workplace, driven by digital transformation, the growing use of personnel monitoring and management technologies, as well as the need to respect privacy in increasingly diverse work contexts. In recent months, countries such as Peru, Chile, and Mexico have been undergoing significant reforms that could require major changes in information management for employers.