Issue 188


  • UK’s Information Commissioner’s Office released a blog to assist public organizations with right of access.
  • Cyprus’ Office of the Commissioner for Personal Data Protection fined the Bank of Cyprus Public Company Ltd EUR 17,000 for violation of the General Data Protection Regulation following a data breach.
  • Chairman of the Council of the European Union’s Committee of the Permanent Representatives of the Governments of the Member States to the EU approved the draft compromise text of the Data Act.


  • House Bill No. 2052 relating to the registration of business entities that qualify as data brokers, and declaring an emergency, was passed by the Oregon State Senate.
  • Senate Bill 362 for an act relating to data brokers was re-referred to the California Assembly Committee on Appropriations, after being passed with amendments by the Assembly Privacy and Consumer Protection and Judiciary Committees.
  • The California Privacy Protection Agency (CPPA) announced that the CPPA Board had unanimously voted to support four California privacy bills during their recent Board meeting.


  • Indian Government withdrew the DNA Technology (Use and Application) Regulation Bill, 2019 from the Lower House of the Indian Parliament, during the ongoing monsoon session of the Indian Parliament 2023.
  • Japan’s Alps Alpine Co., Ltd. issued a notice addressing a data breach potentially affecting 16,000 employees due to unauthorized access by a third party.
  • People’s Bank of China requested public comments on the draft Measures for the Management of Data Security in the Business Field of the People’s Bank of China.