APAC
- The Reserve Bank of India consulted global regulators to assess the potential cybersecurity risks of an AI model.
- China’s CAC announced interim measures regulating AI-powered humanized interactive services.
- South Korea’s Communications Commission imposed fines on 373 location information service providers for regulatory violations.
- Vietnam’s Ministry of Science and Technology issued circular on identity verification requirements for mobile subscribers.
- Australia’s Communication and Media Authority fined a financial services company AUD 3.96 million for direct marketing violations.
- South Korea’s PIPC released administrative notice on draft amendments to penalty surcharge criteria under data protection law.
EMEA
- The European Data Protection Board adopted and launched a public consultation on a Data Protection Impact Assessment (DPIA) template.
- UK’s ICO and Belgium’s DPA signed MoU to strengthen cross-border data protection cooperation.
- CNIL, France released recommendations on the use of tracking pixels in emails to enhance privacy compliance.
- UK’s Department of Science sent open letter urging business leaders to strengthen defences against AI driven cyber threats.
- Italy’s Cybersecurity Agency published a resolution outlining compliance requirement under the NIS2 Directive.
- The European Commission issued a statement on digital age verification app to improve children’s online safety.
- Belgium’s Centre for Cybersecurity released requisites for essential entities to ensure NIS2 compliance before deadline.
- The Netherlands Cyber Security Centre confirmed parliamentary approval of Cybersecurity Act and Critical Entities Resilience Act.
- Latvia Data State Inspectorate published its operational strategy for 2026–2030, outlining priorities for data protection.
- Poland’s amendments to the Cybersecurity Act implementing NIS2 Directive came into effect.
- Kenya’s Office of Data Protection Commissioner published draft guidance notes on data transfers, transport sector, DPO and data protection policy.
Americas
- U.S. House Committees announced joint effort to advance the GUARD Financial Data Act and SECURE Data Act.
- Kentucky legislation regulating the use of Automatic Content Recognition (ACR) data signed into law by the Governor.
- Iowa Attorney General amended lawsuit against a social media platform to add more privacy violations.
- Alabama’s comprehensive consumer data privacy bill signed into law.
- Colombia Ministry of ICT launched a consultation on a draft decree aimed at creating safe and healthy digital environments for children and adolescents.
- A bill to amend the Personal Data Privacy Act introduced in Delaware.
