Issue 159

EU AND UK

  • Munich’s District Court prohibited a news portal from using tracking cookies to evaluate user behaviour for advertising without consent.
  • Turkey’s data watchdog published the peer-reviewed Turkish Journal of Privacy and Data Protection Volume: 4 – Issue: 2.
  • Irish Data Protection Commission launched an inquiry into Twitter’s disclosure of personal data.
  • Greek data watchdog implemented the “Project byDesign” to facilitate GDPR compliance.

AMERICAS

  • The California Privacy Rights Act of 2020 entered into force on 1 January 2023.
  • Kentucky’s act relating to insurance data security took effect on 1 January 2023.
  • Irish Data Protection Commission launched an inquiry into Twitter’s disclosure of personal data.
  • Virginia Consumer Data Protection Act entered into effect on 1 January 2023.
  • Brazil’s data watchdog published a new form for data controllers to report security incidents.
  • Nevada Gaming Commission adopted regulations on cybersecurity requirements for gaming operators. The regulations came into effect on 1 January 2023.

INDIA AND ASIA PACIFIC

  • Toyota Kirloskar Motor faces a security incident that might have exposed personal information of customers. Reports Hindustan Times
  • Indian Railways asks business partners to examine any data breach amid speculations of a data leak of approximately 30 million people. Reports Times of India
  • Japan’s data protection authority published the draft revised rules for data transfers to the EU and UK under the adequacy decision. Comments can be submitted by 27 January 2023.
  • National Privacy Commission of Philippines elected representatives for the Data Privacy Council.
  • South Korean data watchdog published guidelines on the interpretation of the Personal Information Protection Act.