Issue 166


  • The European Commission published a press release requesting public comments on the Digital Services Act. Comments can be submitted until 16th March 2023.
  • The European Data Protection Board released a document on data subject access rights titled ‘One-Stop-Shop case digest on right to object and right to erasure’.
  • European Parliament’s Committee on Civil Liberties, Justice and Home Affairs issued a draft opinion urging the European Commission to not adopt the protection afforded by the proposed EU-U.S. Data Privacy Framework.
  • UK’s  First-Tier Tribunal (Information Rights) ruled on the ICO’s decision which required Experian Limited to change how it handles people’s personal data.


  • British Columbia’s data watchdog published a mandatory breach reporting and privacy management program requirements for public bodies.
  • Hawaii’s Senate Bill 974 relating to Consumer Data Protection was passed with amendments at second reading by the Commerce and Consumer Protection Committee.
  • Florida’s Governor announced a proposal to create a Digital Bill of Rights that focuses on protecting Floridians’ privacy, protecting minors from online harm, and eliminating unfair censorship.


  • The Telecom Regulatory Authority of India announced its plan to launch a digital consent authorization platform. Reports Economic Times
  • Supreme Court of India held that children have a right to protect their genetic information and family courts adjudicating between warring parents to order DNA tests only as a last resort. Reports The Hindu
  • The Attorney General of Australia, announced that the Australian Government has issued the report of the AG Department’s review of the Privacy Act 1988.