Issue 185


  • The European Commission proposed a new regulation to support the effectiveness and efficiency of enforcement of the General Data Protection Regulation (GDPR) in cross-border cases.
  • The Danish data protection authority published a new guidance on processing personal data in the context of direct marketing.
  • The Italian data protection authority imposed a fine of EUR 10,000 on Grizzaffi Management S.r.l., for violations of the GDPR and the Personal Data Protection Code.
  • UK’s Information Commissioner’s Office issued an enforcement notice to Fortis Insolvency Limited and a monetary penalty notice, in which it imposed a fine of GBP 30,000 for violating the Privacy and Electronic Communications (EC Directive) Regulations 2003.


  • The U.S. Department of Health and Human Services Office for Civil Rights announced that it had reached a settlement with iHealth Solutions, LLC, for potential violations of the Health Insurance Portability and Accountability Act Privacy and Security Rules (HIPAA Rules).
  • The U.S. Secretary of Commerce released a statement on the implementation of the EU-US Data Privacy Framework.
  • Office of the Privacy Commissioner of Canada published a blog offering advice to businesses on how to protect the privacy of customers using their mobile apps.
  • The California Chamber of Commerce announced that the Sacramento Superior Court ruled to delay the enforcement of the revised California Consumer Privacy Act of 2018, as amended (CCPA) Regulations, which became effective on March 29, 2023.
  • The Colorado Privacy Act and the Colorado Privacy Act Rules entered into force on 1st July.


  • India’s Union Cabinet cleared the personal data protection bill which will be tabled in the Parliament during the upcoming Monsoon session. Reports Money control.
  • The Dubai International Financial Centre published its Thematic Assessment Report No. 1 of 2023 regarding the implementation of Article 28 of DIFC Data Protection Law.
  • The Cyberspace Administration of China announced that it had signed a memorandum of understanding with the Hong Kong Innovation, Technology & Industry Bureau to promote cross-border data flows in Guangdong, Hong Kong, and Macau.