Issue 163


  • Slovenia’s Information Commissioner issued a statement reminding of the entry into force of the Personal Data Protection Act.
  • Andorran Data Protection Authority published a guideline on Data Protection Impact Assessment on the Protection of Personal Data.
  • Czech Republic’s National Cyber and Information Security Agency announced that it is in the process of transposing the Directive on Security of Network and Information Systems.
  • The Italian Data Protection authority announced the publication of guidelines on the data protection interpretation and enforcement issues related to The Transparency Decree (Legislative Decree No. 104 of 27 June 2022).


  • Senate Bill 1085 relating to Biometric Information Privacy was referred to the Labour and Technology Committee.
  • The California Attorney General initiated an investigative sweep and sent letters to businesses with mobile apps that fail to comply with the California Consumer Privacy Act of 2018.
  • The Attorney General of North Carolina released its latest data breach statistics for 2022.
  • The Colorado Attorney General published an updated version of its draft rules for implementing the Colorado Privacy Act.
  • The Office of the Privacy Commissioner of Canada published a bulletin on five ways to improve privacy impact assessments for the federal public sector.


  • Finance Minister of India announced that a National Data Governance Policy will be introduced to enable access to anonymized data. Reports The Hindu
  • The Royal Decree on Digital Platform Service Businesses was published in the Government Gazette of Thailand, which will come into effect on 20th August 2023.
  • The State Bank of Vietnam requested public comments on the draft circular for regulating credit information activities of the State Bank.