APAC
- India’s Ministry of Electronics and IT invited applications for the positions of Chairperson and Members of the Data Protection Board of India
- South Korea’s Internet and Security Agency signed an agreement to strengthen cybersecurity across the automotive supply chain.
- China’s CAC issued measures regulating online marketing of financial products to enhance internet finance activities oversight and consumer protection.
- Australian Prudential Regulation Authority called for stronger governance and risk management to address AI risks in regulated industries.
- New Zealand’s Information Privacy Principle 3A on notification requirements for indirect collection of personal information, came into effect.
EMEA
- The European Data Protection Board and Supervisor adopted a joint opinion on the proposed Cybersecurity Act 2 and amendments to the NIS2 Directive.
- UK’s ICO published final guidance on storage and access technologies, including cookies, tracking pixels and device fingerprinting.
- Italy’s Competition and Market Authority concluded investigations into AI providers after securing commitments to improve transparency regarding AI hallucination.
- Germany’s Cabinet approved a draft law mandating precautionary retention of IP addresses to strengthen online crime investigation.
- Irish DPC launched an inquiry into an apparel company’s transfer of personal data from EU to China.
- Portugal’s Communications Authority opened a public consultation on draft guidelines for implementing AI literacy under the EU AI Act.
- The European Commission and Data Protection Board announced plans to develop joint guidance on the interplay between competition and data protection laws.
- Belgium’s Centre for Cybersecurity adopted a new national cyber crisis response plan to strengthen preparedness and coordination.
- Poland’s Personal Data Protection Office issued its opinion on the draft Artificial Intelligence Systems Act.
- Luxembourg’s Official Journal published the NIS2 transposition law, establishing measures to enhance the resilience of critical entities.
Americas
- The U.S. Federal Trade Commission secured an order prohibiting a data broker from selling sensitive location data.
- Brazil’s ANPD launched a public consultation on draft guidance for suppliers of IT products and services.
- California’s Privacy Protection Agency issued positions on bills related to sensitive personal information, data brokers and privacy of elected officials and judges.
- New York’s Attorney General supported legislation banning surveillance pricing and electronic shelf labels in retail stores.
- Iowa Governor signed an Act establishing requirements and guidelines for conversational AI services.
- Canada’s privacy regulator published findings from a joint investigation into an AI company.
- A bill amending the Connecticut Data Privacy Act to strengthen consumer privacy protections and regulate data brokers, passed by the House.
