Issue 171


  • European Data Protection Board adopted its opinion on the Danish Supervisory Authority’s draft decision regarding Controller Binding Corporate Rules of Royal Greenland Group.
  • Spain’s data watchdog issued Guidelines for treatments that involve communication of data between Public Administrations in the face of the risk of personal data breaches.
  • The European Consumer Organisation published recommendations on harmonizing cross-border procedural matters in GDPR.
  • French data protection authority imposed a fine of EUR 125,000 on scooter renting company, Cityscoot SAS for violating the GDPR.


  • Maryland’s bill on protection of children’s data passed its third reading at the Maryland House of Delegates.
  • New York’s “It’s Your Data Act” was introduced in the New York State Senate.
  • Bill of amendments regarding genetic data privacy was approved by the Virginia Governor.
  • Washington’s bill regarding the processing of consumer health data was passed by the Senate Committee on Law and Justice.


  • Cyberabad Police arrested seven people for theft and sale of sensitive and confidential data of about 16.8 crore citizens. Reports NDTV
  • Japan’s Ministry of Economy, Trade, and Industry revised its Cybersecurity Management Guidelines.
  • Cyber Security Agency of Singapore issued an advisory on the use of multi-factor authentication.