APAC
- The Supreme Court of India issued a notice to a social media company proposing a potential five-year advertising ban on its messaging platform over privacy concerns.
- Vietnam’s Ministry of Science and Technology launched consultation on implementing the AI law.
- Hong Kong’s Privacy Commissioner reported interventions in three incidents involving personal data security breaches.
- Ministry of Industry and IT, China sought public feedback on data security standard governing anonymous identifiers on smart terminals.
- South Korea’s Information Protection Commission fined an e-commerce platform KRW 13.2 million for customer data leak due to inadequate security measures.
EMEA
- European Commission determined that certain addictive features of social media platform violate obligations under the Digital Services Act.
- Data protection provisions of the UK Data (Use and Access) Act came into force.
- France’s CNIL published a guidance on processing sensitive personal data for public scientific research purposes.
- Poland’s data watchdog imposed a fine of PLN 978,000 on the state postal company for failure to ensure independence of its Data Protection Officer.
- The Irish government released the general scheme for regulation of AI bill, to implement the EU AI Act.
- Dutch data authority imposed a fine of EUR 250,000 on ten municipalities for processing sensitive personal data without consent.
- Danish Data Protection Agency criticised several municipalities for processing personal data while using technology products in primary schools.
- Isle of Man’s Information Commissioner released personal data breach report for the third quarter.
- The ICO, UK fined a digital media company GBP 247,590 for failing to safeguard children’s privacy.
- EU Court of Justice delivered a ruling clarifying whether binding decisions of EDPB can be challenged.
- Turkish Data Protection Authority announced data breach involving a leading telecommunications company.
- Egypt’s Data Protection Centre published executive regulations to operationalise the personal data protection law.
Americas
- The New York Senate passed a bill amending the Responsible AI Safety and Education Act, introducing transparency obligations for developers of AI models.
- Mexico introduced a legislation on Consumer Information and Data Protection Act, outlining consumer rights and controller obligations.
- California’s Attorney General announced settlement of USD 2.75 million with an entertainment company for CCPA violations.
- A coalition of US Attorneys General called on Congress to approve Senate’s version of Kids Online Safety Act.
- Ecuador’s Data Protection Superintendent published resolution on large-scale processing of personal data.
- South Carolina’s bill on Social Media Regulation Act signed in law by Governor.
- Attorney General of Connecticut published a report detailing the office’s action to enforce compliance with the data privacy law.
- A Utah bill proposing amendments to AI transparency requirements progressed to its third reading in the Senate.
- Rhode Island lawmakers introduced legislation on Reproductive Health and Gender-Affirming Healthcare Data Privacy Act.
