EU & UK
- ICO released guidance for employers on managing employment records in compliance with the UK GDPR and the Data Protection Act (DPA).
- ICO launched a direct marketing advice generator to help organisations comply with UK privacy laws, including PECR and GDPR.
- The CNIL released two recommendations to align artificial intelligence (AI) practices with the GDPR, focusing on informing individuals and facilitating their rights.
- FDPIC released a guide on data breach notifications under Article 24 of the Federal Act on Data Protection 2020.
- Data (Use and Access) Bill passed first reading in the UK House of Commons.
- EU issued a request for information (RFI) to Shein seeking details on the transparency of Shein’s recommender systems, data access for researchers, consumer protection measures, and user data protection.
AMERICAS
- The New York State Department of Financial Services (NYDFS) settled with PayPal, Inc. for USD 2 million after PayPal’s investigation revealed a data breach.
- Senate Bill 726 was introduced to the Senate; it is on the provision of information on personal data collection by operators of smart devices.
- A coalition of AGs have taken legal action against the DOGE for unauthorised access to Americans’ personal information within the Treasury Department’s payment systems.
- New Mexico’s House Bill No. 313 requires age verification tech for digital devices and services introduced in the House.
