APAC
- Australia’s Office of Information Commissioner launched a consultation on draft guidance for transparency in automated decision-making.
- China’s TC260 issued ethical and safety guidelines for AI applications to support responsible AI governance.
- The Singapore government in collaboration with a technology company published findings from an AI agents sandbox initiative.
- South Korea’s PIPC announced risk-based inspections to assess personal information processing practices.
EMEA
- The European Commission launched a consultation on draft guidelines for implementing transparency obligations under Article 50 of AI Act.
- UK’s ICO fined an energy services company GBP 160,000 for making unsolicited marketing calls.
- France’s CNIL urged vigilance regarding smart glasses, highlighting privacy, surveillance, and data protection risks.
- Belgium’s DPA imposed a fine of EUR 176,950 on a tech company for failing to delete a former employee’s email account.
- Ireland’s High Court published its ruling on the Data Protection Commission’s enforcement decision against a technology company.
- Netherlands’ Data Protection Authority fined a ride-hailing platform EUR 100 million for unlawfully transferring personal data of drivers and customers.
- The G7 and the European Commission jointly released Software Bill of Materials for AI systems.
- Spain’s AEPD published an assessment on draft bill governing online intermediary services.
- Croatia’s AZOP issued accreditation requirements for GDPR code of conduct monitoring bodies.
- Hungary’s Data Protection Authority fined a media company HUF 50 million for publishing links containing leaked personal and sensitive data.
Americas
- The U.S. Federal Trade Commission began enforcing the Take It Down Act and published compliance resources.
- Colorado bill on automated decision-making technology signed by the House and Senate.
- Illinois’ Consumer Privacy bill addressing data opt outs and algorithmic profiling advanced to its third legislative reading.
- Texas’ AG secured a settlement preventing a consumer electronics company from collecting user’s viewing data without informed consent.
- California’s Department of Justice released proposed regulations under the Protecting Our Kids from Social Media Addiction Act.
- Oklahoma’s AG filed a lawsuit against an online marketplace over alleged unlawful data collection and deceptive business practices.
- Louisiana enacted a Data Privacy Act granting user’s personal information opt-out rights on social media platforms.
- Brazil’s ANPD launched a public consultation on guidance relating to age verification mechanisms.
- New York Department of Financial Services issued guidance on cybersecurity measures for heightened threat environments.
- New Mexico’s AG announced second phase of trial against a technology company seeking child safety reforms.
