EU & UK
- The EU Commission requested feedback on age assurance in app stores under DSA.
- France’s privacy authority declared enhanced surveillance systems neither necessary nor proportionate for age verification, citing GDPR violations.
- Ireland’s Data Protection Commission opened an investigation into TikTok’s potential transfer of EEA users’ personal data to servers in China.
- Poland’s Deputy PM urged an EU probe into the AI chatbot Grok under the Digital Services Act.
- The EDPB and EDPS issued a joint opinion on the European Commission’s proposal for a regulation amending certain regulations, including the GDPR.
- A tribunal ruled the UK Information Commissioner had the authority to issue a monetary penalty notice to TikTok, allowing the case to proceed to a full hearing.
AMERICAS
- Attorney General Bonta announced the largest CCPA settlement to date, securing USD 1.55 million from Healthline.com.
- The Connecticut Attorney General’s Office reached a USD 85,000 settlement with TicketNetwork for alleged violations of the state’s comprehensive data privacy law.
- The Utah attorney general’s office sued social platform Snap for alleged children’s online safety violations.
- Nebraska Attorney General Mike Hilgers filed a lawsuit against General Motors and OnStar for the collection and sale of drivers’ data without consent.
- A California jury awarded over USD 314.6 million in a class-action lawsuit against Google for collecting data from idle Android phones.
ASIA PACIFIC
- Two South Korean universities were fined for personal data breaches: Jeonbuk National University, USD 459,000 and Ewha University, USD 253 million.
- Singapore’s Ezynetic was fined USD 17,500 after a data breach exposed over 190,000 individuals’ data on the Dark Web.
