Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That is right, and even explicit in the GDPR: the handling of personal data by Union institutions is regulated under the existing Regulation 45/2001.



Clearly the exisiting regulation 45/2001 has a little more wiggle room. FTA:

> This leak would normally constitute a breach of the General Data Protection Regulation (GDPR) if other organisations had done it themselves. However, a spokesman the commission said, based on “legal reasons”, European institutions are separate from the GDPR.


Yes, at the time. In October, that regulation was replaced by Regulation (EU) 2018/1725, which adapted it to the principles of the GDPR. So essentially you had a gap of a few months, during which that event occurred.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: