Issue 261

  • A judge has ruled that the UK government’s data privacy dispute with Apple must be heard publicly, siding with civil liberties groups and media outlets, including the BBC.
  • Ireland’s DPC has announced an investigation into X for training AI on user data.
  • Turkey’s KVKK announced a data breach involving Bellapais El Ayak Bakımı ve Güzellik Salonu, where unauthorised access was gained to their system.
  • Spain’s data watchdog fined BBVA EUR 200,000—later reduced to EUR 120,000—for processing personal data without consent after it signed documents on a complainant’s behalf.
  • Datatilsynet announced an audit of websites using tracking pixels, tools that automatically send information about website visitors to third parties.
  • The EU Commission endorsed Nokia’s BCR for data transfers, covering both controller (BCR-C) and processor (BCR-P) roles, following approval by Finland’s data authority.
  • Two US lawmakers have urged the White House to end the UK data treaty after Apple’s backdoor order.
  • The U.S. DoJ published FAQs and a Compliance Guide on the Final Rule to prevent access to U.S. sensitive personal and government-related data by countries of concern. 
  • Senate Bill 1038, aimed at amending Hawaii’s breach notification law, was referred to the House Committees on Consumer Protection & Commerce. 
  • House Bill 5495, filed in the Texas State House, mandates the use of global privacy controls to protect consumer data by treating such controls as valid requests.
  • The Cyberspace Administration of China (CAC) published a Q&A on outbound Data Security Assessment Management, detailing legal instruments for cross-border data transfers.
  • Sri Lanka’s Department of Government Printing published the Personal Data Protection (Amendment) Bill.