EU & UK
- The European Commission proposed to adopt an extension of the two adequacy decisions with the UK for a period of six months.
- The ICO unveiled new commitments under the U.K. government’s growth agenda that aim to leverage the existing data protection regulatory regime to support economic growth.
- The administrative court dismissed Amazon Europe Core SARL’s appeal against the CNPD’s EUR 746 million fine and corrective measures ruling of July 15, 2021.
- Noyb filed a complaint against ChatGPT for making up information about individuals, including a false story about how one user would be a child murderer.
- CPC has launched an enforcement action against Star Stable Entertainment AB to ensure a safer, more transparent experience for players of the Star Stable Online game.
- Turknet confirmed a data breach affecting over 1.5M customers in Türkiye.
AMERICAS
- New York’s AG reached a USD 975,000 settlement with Root for lack of security measures for the quoting tool.
- Arkansas introduced House Bill 1726 and 1717, focusing on online safety and privacy for children and teens. HB 1726, the Kids Online Safety Act (KOSA).
- The New York AG, with a coalition of other AGs, filed an amicus brief supporting an FCC rule to combat illegal robocalls, which cost consumers over USD 1.2 billion in 2023.
- House Bill 3875, requiring motor vehicle manufacturers to comply with the Oregon Consumer Privacy Act, was introduced and referred to the House Committee on Commerce and Consumer Protection.
ASIA PACIFIC
- The Cyberspace Administration of China released new security measures for facial recognition technology to be effective June 1, 2025.
- The National Privacy Commission (NPC) of the Philippines issued Joint Advisory mandating insurance-related entities to protect data privacy using privacy-enhancing technologies (PETs).
