EU & UK
- Romania’s National Supervisory Authority for Personal Data Processing (ANSPDCP) fined AG-BROKER ASIGURARE RON 24,890 for GDPR violations after a data breach.
- The EU launched an investigation into adult websites for failing to protect minors under the Digital Services Act.
- The CNIL fined CALOGA EUR 80,000 for GDPR breaches, including invalid marketing consent, poor withdrawal options, unlawful data sharing, and excessive data retention.
- Norway’s Ministry of Digitization and Administration submitted questions to TikTok regarding cross-border transfers of Norwegian user data.
- Malta’s IDPC published FAQs for employer data protection obligations.
- The Polish UODO announced a national study to evaluate how data controllers exercise the right to be forgotten under Article 17 of the GDPR.
AMERICAS
- Adidas disclosed it’s been hit by a cyber-attack in which customers’ personal information has been stolen.
- Global CBPR Forum launched international data protection and privacy certifications and opened participation to new members.
- Texas Governor has signed a law requiring Apple and Google to verify users’ ages on their app stores, to regulate smartphone access for children and teens.
- LexisNexis Risk Solutions has disclosed a data breach affecting more than 364,000 people.
- The U.S. Department of Health and Human Services settled with BayCare Health System over unauthorised access to sensitive patient data.
ASIA PACIFIC
- China’s TC260 released guidelines on service capability requirements for audit professional institutions.
