EU & UK
- The Council of the EU adopted the European Health Data Space Regulation (EHDS), which sets rules for secure health data exchange, use, and reuse.
- The European Data Protection Board (EDPB) has adopted a report on the implementation of the right of access by controllers.
- Bundesnetzagentur fined companies EUR 1.373 Million for unlawful telemarketing in 2024.
- UODO fined Toyota Bank Polska SA PLN 576,220 for GDPR violations, including improper DPO placement and failure to document profiling activities.
- EDPB has adopted guidelines on pseudonymisation, as well as a statement on the interplay of competition law and data protection.
AMERICAS
- Senate Bill 929 passed the Senate on January 21, 2025, it aims at amending general business law to protect health information and moved to the Assembly.
- Senate Bill 1037, the Consumer Data Protection Act, passed its first reading in Hawaii’s Senate, aiming to regulate entities handling personal consumer data.
- Nebraska’s Legislative Bill 383, titled the Parental Rights in Social Media Act, was introduced and referred to the Judiciary Committee on January 22, 2025.
- US executive orders signed may prevent EU businesses and public bodies from using US cloud providers without violating EU privacy laws.
