#gdpr--privacy

#gdpr--privacy

Cookie banners have become bloated and useless, creating a new kind of interaction that means trouble all over the web. The only solution is to get rid of them, and do it now.

Meta's messaging app WhatsApp could soon be subject to deeper scrutiny (and punishment) under the European Commission's Digital Services Act, Reuters reports. Because the app's broadcasting feature WhatsApp Channels grew to around 51.7 million average monthly active users in the European Union in the first six months of 2025, the feature has crossed the 45-million-person barrier that lets DSA rules apply.

"With this law, we are implementing European requirements in a maximally innovation-friendly way and creating lean AI supervision with a clear focus on the needs of the economy," Federal Digital Minister Karsten Wildberger said in a statement.

In late December 2025, Elon Musk's AI company xAI updated its Grok chatbot, integrated into the social media platform X, with a new image-editing feature. Within days, users were exploiting it to generate realistic sexualised images of real women and girls without their consent, including content that regulators said depicted minors in a manner that constituted child sexual abuse material.

The groups complain about "the increasing concentration of power and lack of alternatives in digital markets, the push for deregulation, and the urgent need to enforce digital laws to protect our fundamental rights and create a level playing field for competition and innovation."

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%).

How do privacy regulators decide which companies to poke? Often, it's a consumer complaint. Other times, it's a headline. And, sometimes, it's just personal. Regulators are consumers, too, after all. But it's important to remember that every brush with a regulator doesn't turn into a full-blown case, said privacy attorney Tyler Bridegan. Bridegan spent nearly two years as director of privacy and tech enforcement for the Texas attorney general's office. He left government work and returned to private practice in October as a partner at Womble Bond Dickinson.

This Privacy Notice applies to all personal information processed by CoinDesk, including its affiliates and subsidiaries (" CoinDesk," " we," " us," or " our "). It covers the information CoinDesk collects through the websites, mobile applications, electronic devices, all other products and services we provide, any other services that display this Privacy Notice, all of the associated content, functionalities, and advertising, and when you communicate with us by phone, email, or otherwise (collectively, the " Services ").

Ad fraud isn't just a marketing problem anymore - it's a full-scale threat to the trust that powers the digital economy. In 2024 alone, fraud in mobile advertising jumped 21%, while programmatic ad fraud drained nearly $50 billion from the industry. During data privacy week 2026, these numbers serve as a reminder that ad fraud is not only about wasted budgets - it's also about how consumer data moves, gets tracked, and sometimes misused across complex ecosystems.

The European Parliament has taken a rare and telling step: it has disabled built-in artificial intelligence features on work devices used by lawmakers and staff, citing unresolved concerns about data security, privacy, and the opaque nature of cloud-based AI processing. The decision, communicated to Members of the European Parliament (MEPs) in an internal memo this week, reflects a deepening unease at the heart of European institutions about how AI systems handle sensitive data.