Issue 145

EU

  • The European Data Protection Board published its binding decision on the dispute arisen on the draft decision of the Irish supervisory authority regarding Meta Platforms Ireland Limited, under GDPR.
  • Ireland’s data watchdog imposed a fine of EUR 405 million on Instagram, as well as a reprimand and corrective measures, for violating multiple provisions of GDPR.
  • The Spanish data protection authority launched a tool for analysing risk factors of personal data processing pursuant to the requirement mandated by the GDPR.
  • The French data protection authority imposed a fine of EUR 250,000 on G.I.E. INFOGREFFE, for violating data retention and security provisions of the GDPR.
  • The European Commission announced that it had presented a proposal for a new Cyber Resilience Act.

USA

  • U.S.A Senators announced that they had sent a letter to U.S. Department of Health and Human Services to strengthen privacy protection for women seeking reproductive healthcare.
  • The U.S. Chamber of Commerce announced that it had testified before the Federal Trade Commission’s data privacy rulemaking open forum.
  • California Governor signed Assembly Bill for the California Age-Appropriate Design Code Act, which will enter into force on 1st July 2024.
  • The National Institute of Standards and Technology released a report titled ‘Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight’.

INDIA AND ASIA-PACIFIC

  • The Cyberspace Administration of China released its draft decision amending the Cybersecurity Law of the People’s Republic of China and is requesting public comments on the same until 29th September.
  • South Korea’s data watchdog imposed a fine of KRW 69.2 billion on Google LLC and a fine of KRW 30.8 billion on Meta Platforms, Inc., for violations of the Personal Information Protection Act 2011.
  • Singapore’s data protection authority imposed a fine of SGD 60,000 on MyRepublic Limited, for breach of the protection obligation under the Personal Data Protection Act 2012, following a security incident.
  • The House of Representatives of the Republic of Indonesia announced that it had ratified the final draft of the Personal Data Protection Act, following its approval earlier in the month.
  • The Office of the Australian Information Commissioner announced that it had completed its review of the Privacy (Credit Reporting) Code 2014.

Read our digital newsletter here.