The Dutch Data Protection Authority is fining the Dutch city of Enschede for the way they implemented a program to measure density in public spaces. It used smartphones’ Wi-Fi signals to approximate headcounts of people and was never intended to track how individual users move about a location, but the way it was deployed was in and of itself a GDPR violation. This is an interesting story to watch unfold, as the EU has (and continues to be) a leader in governments stepping in to protect the digital privacy of individuals.