EU & UK
- The Dutch data protection authority (AP) fined Netflix International B.V. EUR 4.75 million for GDPR violations, as announced on December 18, 2024.
- The European Center for Digital Rights (NOYB) has filed a complaint against Ryanair alleging a GDPR violation.
- The ANSPDCP fined UNICREDIT CONSUMER FINANCING IFN S.A. RON 24,890 for a GDPR violation after a data breach involving former employees’ personal data.
- EDPB released Opinion 28/2024 on certain data protection aspects related to processing personal data in the context of AI models.
- DPC fined Meta EUR 251 million following a data breach affecting approximately 29 million Facebook accounts globally.
AMERICAS
- NIST NCCoE requested comments on the cybersecurity internal report and white paper regarding genomic data.
- White House published the NSTC framework on data infrastructure and interconnectivity.
- EPIC submitted an amicus brief in NetChoice v. Bonta, an important case about the constitutionality of kids’ online privacy and safety protections.
- Bill for New York Children’s Online Safety Act referred to Senate Committee.
ASIA PACIFIC
- NPC of the Philippines released Advisory Opinion No. 2024-03, providing guidelines on child-oriented transparency for personal information controllers.
- TC250 requested comments on the draft cybersecurity standard on generative AI and technical requirements for minor modes.
- OPC of New Zealand has released the Biometric Processing Privacy Code for public comment, defining biometric information and its processing.
