EU & UK
- None of Your Business (NOYB) filed two complaints with the European Data Protection Supervisor (EDPS) against the EU Parliament over a massive data breach.
- The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) published its report for 2024 in which it imposed fines totalling 130,000 EUR for violations of GDPR on various companies.
- Ministry of National Education Poland declared that the register of issued certificates of completion of a qualification course will no longer contain data on the place of birth of the course participant.
- ICO launched a new tool to help small businesses create privacy policies.
- The National Supervisory Authority for Personal Data Processing (ANSPDCP) fined ANA Hotels SRL RON 39,770 for violations of GDPR, following a data breach.
AMERICAS
- The Governor of Illinois signed House Bill 3773 on predictive data analytics amending the Illinois Human Rights Act.
- The National Institute of Standards and Technology (NIST) announced the publication of the draft digital identity guidelines.
- Assembly Bill 3139 on Remote Vehicle Technology which deals with user privacy was read for a second time in the California State Senate and ordered to a third reading.
ASIA PACIFIC & INDIA
- PCPD Hong Kong published new versions of the Code of Practice on the Identity Card Number and Other Personal Identifiers.
- The Securities Exchange Board of India (SEBI) issued the Cybersecurity and Cyber Resilience Framework (CSCRF) for SEBI Regulated Entities (REs).
- Telecom Regulatory Authority of India (TRAI) issued a Direction for taking measures to curb misuse of messaging services.
