In an IAPP article in 2018, a record of high-risk data processing activities was compiled from the EDPB opinions of Article 35(4) draft lists submitted by 22 supervisory authorities. This piece revisits that original analysis and looks at what's new.
