Issue 162


  • Ireland’s Data Protection Commission imposed a fine of EUR 5.5 million on WhatsApp Ireland Limited for violating the GDPR.
  • European Union Agency for Cybersecurity launched the ‘Awareness Raising in a Box (AR-in-a-BOX)’ to enable organisations to build their awareness-raising programmes.
  • French data watchdog imposed a fine of EUR 3 million on video game developer, VOODOO for violating the Data Protection Act.
  • UK’s Information Commissioner’s Office encouraged developers to consider data privacy at the early stages of implementing new technology.


  • An Act to amend the general business law, in relation to biometric privacy was introduced in the New York Legislature.
  • An Act Establishing A Connecticut Age-Appropriate Design Code that provides privacy obligations for providers of online products and services used by children was referred to the Connecticut General Assembly.
  • An Act to amend the Indiana Code in relation to data security was introduced to the Indiana General Assembly.


  • The email server of India’s Ministry of External Affairs faced a cyber-attack. Reports Zee News
  • Human resources management platform faced a data breach exposing 260 GB of personal data of employees. Reports The Hindu
  • Thailand’s Royal Decree on Digital Platform Service Businesses was published in the Government Gazette.