>The Danish DPA reprimanded the Agency for Digital Government for having used JavaScript in connection with MitID, the Danish digital ID. Even though there were widely known concerns with the programming language, the Agency utilised it without conducting a prior risk assessment, breaching, among others, Article 32(1) GDPR.