EU & UK
- CNIL released two guidelines for data breaches in the education sector, targeting data protection officers and administrative staff.
- The Market Court annulled the Belgian DPA’s EUR 250,000 fine against IAB Europe for GDPR violations related to the Transparency and Consent Framework (TCF).
- The Consumer Advice Centre applied for an injunction against Meta Platforms Ireland Limited to prevent the use of EU users’ personal data for AI training.
- The European Commission sought feedback on draft guidelines for protecting minors online under the Digital Services Act, focusing on privacy, safety, and security.
- The EU and Japan released a joint statement from their third DPC Council meeting, emphasising their cooperation on digital identities and improved data sharing.
AMERICAS
- The U.S. Consumer Financial Protection Bureau withdrew proposed rules limiting data brokers from selling Americans’ sensitive personal information.
- Texas Attorney announced that the office had reached a preliminary agreement to settle a privacy infringement lawsuit against Google for USD 1.4 billion.
- A bipartisan group of U.S. senators reintroduced the Kids Online Safety Act, which passed in the Senate last year 91-3.
- Google published research on differential privacy on trust graphs, aiming to allow users to have control over their data by sharing information with individuals they trust.
- Coinbase confirmed a system breach that resulted in customer data, including government-issued identity documents, being stolen.
