Issue 193


  • UK’s Information Commissioner’s Office imposed monetary penalty of GBP 70,000, as well as an enforcement notice, to SGS Home Protect Ltd, for violations of the Privacy and Electronic Communications (EC Directive) Regulations 2003.
  • The UK Home Office published a guidance on end-to-end encryption and child safety.
  • The European Data Protection Board announced the adoption, jointly with the European Data Protection Supervisor, of an opinion on the European Commission’s proposal for regulation on additional procedural rules for the enforcement of the General Data Protection Regulation (GDPR).
  • The European Data Protection Board released its Binding Decision on the dispute arising on the draft decision of the Data Protection Commission regarding TikTok Technology Limited, and the subsequent objections expressed by other data protection authorities.
  • Italian data protection authority fined the Municipality of Modica EUR 45,000 for violations of the General Data Protection Regulation.


  • The Office of the Privacy Commissioner of Canada concluded an investigation against the Canada Post Corporation for the collection and use of personal information for marketing purposes, in violation of the Privacy Act 1985.
  • U.S. Representative announced the introduction of bill HR5534 to prohibit targeted advertising by advertisers and advertising facilitators, and for other purposes, also known as the Banning Surveillance Advertising Act of 2023. 
  • U.S. State District Court for the Northern District of California San Jose Division granted a preliminary injunction to NetChoice LLC on the basis that provisions of the California Age-Appropriate Design Code Act likely violate the First Amendment of the United States Constitution.


  • Japan’s Personal Information Protection Commission announced that it had issued administrative guidance to Fujitsu Japan Limited, and local authorities in relation to the incorrect issuance of residence certificates at convenience stores.
  • The Saudi Data & Artificial Intelligence Authority published their Artificial Intelligence Ethics Framework version 2.0, focused on helping entities develop responsible artificial intelligence (AI) based solutions that limit the negative implications of AI systems while encouraging innovation.
  • The Personal Data Protection Commission issued a fine of SGD 9,000 to Century Evergreen Private Limited for violations of the Personal Data Protection Act 2012.