EU & UK
- UK ICO fined Energy company GBP 250,000 and Marketing agency GBP 300,000 for making unsolicited direct marketing calls.
- NOYB: Austrian authority DSB prohibited a credit information agency and an energy provider from conducting unlawful credit scoring.
- European Commission issued draft guidance and a reporting template on serious AI incidents under the AI Act and invited stakeholder feedback.
- Dutch data watchdog raised concerns over LinkedIn’s AI training practices and urged users to adjust their privacy settings.
- French authority CNIL fined a department store EUR 100,000 for using hidden cameras.
- EU Data Protection Authorities are working with social media platforms to combat false advertising and the misuse of deepfakes.
- Romanian data protection authority fined S.C. PRIMONET RON 101,544 for a data breach
USA
- California approved new regulations on cybersecurity audits, risk assessments, automated decision-making, and insurance companies, along with updates to existing CCPA rules.
- Senators introduced the Management of Individuals’ Neural Data Act of 2025 to safeguard brain data from exploitation.
- Massachusetts Senate passed the Consumer Data Privacy Act.
- Joint investigation by Canadian data authorities found TikTok’s data processing practices in violation of PIPEDA and provincial privacy laws.
- California Governor signed a bill enhancing health and location data privacy protections.
- FTC alleged that the Sendit App unlawfully collected children’s personal data and misled users by sending messages from fake accounts.
