EU & UK
- The Dutch AP published an opinion on the draft DNB Mortgage Market Reporting Act, highlighting concerns over the lack of pseudonymisation of customer data.
- CNIL issued a formal notice to companies for using misleading cookie consent banners that violate the Act on Data Processing, and Individual Liberties.
- Hungary’s NAIH released an official statement on the processing of voice recording.
- None of Your Business (NOYB) filed a complaint with the French data protection authority (CNIL) against BeReal SAS for alleged GDPR violations.
- EU police data plans pose “substantial security and privacy threats” as reported.
AMERICAS
- USA’s OCR reached a USD 548,265 billion settlement with Children’s Hospital Colorado for HIPAA violations.
- Democratic senators introduced a bill banning data brokers from selling location & health data.
- California’s CPPA voted to adjust the data broker registration fee and advance the ADMT rulemaking package to formal rulemaking.
ASIA PACIFIC
- PIPC imposed a fine of KRW 2.715 billion on AXA General Insurance Co., Ltd. for violations of the Personal Information Protection Act (PIPA).
- Australia’s Privacy and Other Legislation Amendment Bill received Royal Assent.
- PIPC sanctioned twelve general insurance companies for non-compliance with PIPA.