Issue 183


  • UK’s Information Commissioner’s Office (ICO) published its new privacy enhancing technologies guidance.
  • ICO issued a statement in which it called for businesses to address privacy risks associated with generative artificial intelligence prior to the adoption of such technologies.
  • French data protection authority imposed a penalty of EUR 150,000 on KG COM, for violations of the General Data Protection Regulation.
  • The European Union Agency for Cybersecurity announced the publication of its report on supply chain cybersecurity good practices.
  • Guernsey’s Office of the Data Protection Authority published guidance on data subject access requests.


  • House Bill 4 for the Texas Data Privacy and Security Act was signed by the Governor of Texas.
  • The Federal Trade Commission (FTC) imposed a fine of USD 75,000 on, inc. for violating the FTC Act and failing to have proper privacy and security measures in place.
  • House Bill 2545 for An Act relating to an individual’s genetic data was signed by the Texas Governor, on June 17, 2023, and will enter into effect, on September 1, 2023.


  • The Reserve Bank of India launched a public consultation on its draft Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators.
  • Nigerian Data Protection Bill, 2023 was signed by the President into law.
  • The Office of the Privacy Commissioner of New Zealand (OPC) published a press release, encouraging organizations to adopt two-factor authentication for personal information protection.