EU & UK
- UK’s Information Commissioner (ICO) entered into Memorandum of Understanding with Japan’s Personal Information Protection Commission focused on data protection.
- ICO announced that it had issued a reprimand to Optionis Group Limited, for violations of the UK General Data Protection Regulation, following a data breach.
- European Data Protection Board adopted an opinion on the Proposal for a Regulation on the establishment of the digital euro, jointly with the European Data Protection Supervisor.
- The French data protection authority launched a public consultation on creation of datasets for the development of artificial intelligence systems.
AMERICAS
- New York State Attorney General published an Assurance of Discontinuance, in which it came to a settlement of USD 350,000 with Personal-Touch Holding Corp., a healthcare company, for violations of the Health Insurance Portability and Accountability Act of 1996, following a data breach.
- USA’s Cybersecurity and Infrastructure Security Agency published an update to the joint Secure by Design guidance titled, ‘Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.
- Canada’s Office of the Privacy Commissioner released two companion documents supporting its resolution on youth privacy.
INDIA AND ASIA PACIFIC
- Australian Communications and Media Authority imposed a fine of AUD 515,040 on Ticketek Pty Ltd for violations of the Spam Act 2003.
- South Korea’s Personal Information Protection Commission announced the publication of its guidelines on standards for disciplinary action for violations of personal information protection laws.
- Indian Computer Emergency Response Team published a whitepaper titled ‘API Security: Threats, Best Practices, Challenges, and Way forward using AI.’
