Issue 156


  • European Commission launched a public consultation on the draft implementing regulations for the Digital Markets Act.
  • Italian data protection authority published an information sheet on instruments of protection available to data subjects under the GDPR.
  • The Court of Justice of EU issued a judgment on the right to erasure under GDPR after Google refused to comply with requests to remove the results of a search.
  • UK’s Department of Digital, Culture, Media & Sport issued a code of practice for app store developers and operators for the protection of consumers against apps that can steal data and money.


  • European Commission published the EU-US draft adequacy decision.
  • U.S. Senate passed a bill to prevent personal data breaches enabled by quantum computing.
  • U.S. Cybersecurity and Infrastructure Security Agency published an infographic summarizing phishing attacks.
  • Future of Privacy Forum published its comments on the proposed Draft Colorado Privacy Act.


  • Hong Kong’s data watchdog made an arrest for suspected doxing under the Personal Data (Privacy) Ordinance.
  • Cyberspace Administration of China issued Regulations on the Administration of Deep Synthesis of Internet Information Services.
  • Sri Lanka’s President highlighted the need for regulation of personal data in the budget speech.
  • Australian Federal Court held that Google LLC did not mislead consumers when it notified users and altered its privacy policy to extend the scope of its personal data processing activities.