Issue 178


  • UK’s data watchdog issued a reprimand to Plymouth City Council for violating several provisions of the UK GDPR.
  • French data protection authority published an assessment of the impact of its cookie action plan.
  • Austria’s data protection authority held Clearview AI Inc liable for violating multiple provisions of the GDPR and ordered them to delete the complainant’s personal data, as well as designate a representative within the EU.
  • The UK Government published supporting documents which assess the impact of the Data Protection and Digital Information Bill.


  • House Bill 154 for the Delaware Personal Data Privacy Act was introduced to the Delaware House of Representatives, and assigned to the Technology and Telecommunications Committee.
  • Connecticut’s Senate Bill for an Act concerning Artificial intelligence, automated decision-making and personal data privacy was passed with amendments by the Connecticut State Senate.
  • The Privacy Commissioner of Canada announced its intention to appeal the judgment rendered by the Federal Court of Canada in Canada (Privacy Commissioner) v. Facebook, Inc.


  • The National Information Security Standardisation Technical Committee of China released a draft national standard on general security technical specifications for terminal computers for public comments.
  • Philippines National Privacy Commission announced that it is investigating a potential personal data breach involving compromised accounts of users of the mobile application, GCash.