USA: NIST publishes revised Digital Identity Guidelines.
The revisions in the Guidelines include new recommended continuous evaluation metrics, expanded fraud requirements and recommendations, and added controls addressing injection attacks.
Learn more: www.dataguidance.com/news/usa-nis...
05.08.2025 16:05 β π 0 π 0 π¬ 0 π 0
Thailand: PDPC announces five enforcement decisions for data breaches.
It found violations of the PDPA following data breaches, such as failing to implement appropriate information system security measures.
Check it out: www.dataguidance.com/news/thailan...
05.08.2025 14:57 β π 1 π 0 π¬ 0 π 0
Algeria: Law modifying Data Protection Law published in the Official Gazette.
The changes introduced by Law No. 11-25 include new obligations regarding conducting DPIAs and appointing DPOs and new instruments for international data transfers.
Read now: www.dataguidance.com/news/algeria...
05.08.2025 14:18 β π 1 π 0 π¬ 0 π 0
Italy: Garante fines Poste Vita β¬80,000 for data breach.
The investigation found that Poste Vita violated the GDPR by failing to verify an email address before sending sensitive information.
Learn more: www.dataguidance.com/news/italy-g...
04.08.2025 16:06 β π 0 π 0 π¬ 0 π 0
Malaysia: PDP publishes three guidelines on DPOs.
The guidelines define core functions and competencies expected of DPOs, the KSA model and tiers, and structured training and certification pathways to support DPOs.
Check it out: www.dataguidance.com/news/malaysi...
04.08.2025 15:10 β π 0 π 0 π¬ 0 π 0
EU: AI Act provisions on GPAI models enter into force.
The provisions include requirements for GPAI model providers with penalties for non-compliance, and the GPAI Code of Practice.
Read now: www.dataguidance.com/news/eu-ai-a...
04.08.2025 14:35 β π 0 π 0 π¬ 0 π 0
California: CPPA requests comments on DROP System.
The CPPA is consulting on DROP rules detailing how data brokers must process deletion requests and handle consumer data under the DELETE Act.
Read now: www.dataguidance.com/news/califor...
01.08.2025 16:01 β π 0 π 0 π¬ 0 π 0
China: Regulations on the Application of the Administrative Punishment Discretion Benchmarks enter into force.
The Regulations standardize how cyberspace authorities in China apply administrative penalties.
Read now: www.dataguidance.com/news/china-r...
01.08.2025 15:00 β π 1 π 0 π¬ 0 π 0
Minnesota: AG publishes guidance and FAQs on MCDPA.
The Minnesota AG issued guidance and FAQs on MCDPA compliance, highlighting consumer rights and business responsibilities.
Check it out: www.dataguidance.com/news/minneso...
01.08.2025 14:06 β π 0 π 0 π¬ 0 π 0
Italy: Garante publishes memorandum on GDPR simplification proposal.
The Garante welcomed the narrow scope of proposed GDPR changes but raised concerns over missing impact analysis and unclear exemption criteria.
Read on: www.dataguidance.com/news/italy-g...
31.07.2025 15:51 β π 1 π 0 π¬ 0 π 0
Hamburg: HmbBfDI reports on AI Act implementation in Germany.
The Hamburg data authority raised concerns over Germany's readiness to meet AI Act deadlines, urging the government to appoint and equip proper oversight bodies for AI systems.
Learn more: www.dataguidance.com/news/hamburg...
31.07.2025 15:04 β π 0 π 0 π¬ 0 π 0
Minnesota: MCDPA enters into effect.
The MCDPA, which takes effect today, grants consumers data rights and imposes strict requirements on businesses handling personal data.
Read now: www.dataguidance.com/news/minneso...
31.07.2025 14:17 β π 0 π 0 π¬ 0 π 0
Australia: OAIC publishes regulatory action priorities for 2025-26.
The OAIC's regulatory priorities focus on tackling data power imbalances, protecting rights in emerging tech like AI and biometrics.
Learn more: bit.ly/3U3rma8
30.07.2025 17:47 β π 0 π 0 π¬ 0 π 0
California: CPPA settles with Accurate Append for $55,400 for failing to register under DELETE Act.
The CPPA fined data broker Accurate Append for failing to register under the DELETE Act.
Read on: www.dataguidance.com/news/califor...
30.07.2025 16:17 β π 0 π 0 π¬ 0 π 0
Australia: ACMA fines Betfair AUD 871,660 for direct marketing violations.
ACMA fined Betfair for sending unsolicited marketing messages without consent or unsubscribe options, in breach of the Spam Act.
Learn more: www.dataguidance.com/news/austral...
30.07.2025 15:31 β π 0 π 0 π¬ 0 π 0
Germany: BMI announces adoption of draft bill for NIS2 Directive.
It strengthens the IT Security Acts, introduces new security categories and reporting rules, and clarifies the BSI's responsibilities in protecting national IT infrastructure.
Read now: www.dataguidance.com/news/germany...
30.07.2025 14:14 β π 0 π 0 π¬ 0 π 0
UK: Joint Committee on Human Rights launches inquiry on human rights and regulation of AI.
The UK Joint Committee on Human Rights has launched an inquiry into how AI impacts human rights.
Read now: bit.ly/45qPE44
29.07.2025 22:18 β π 1 π 0 π¬ 0 π 0
USA: AGs file lawsuit against USDA for sharing sensitive personal data of SNAP recipients.
A coalition of 22 AGs has sued the USDA over a proposal to collect sensitive data on SNAP recipients.
Read now: bit.ly/458FZhb
29.07.2025 17:39 β π 1 π 0 π¬ 0 π 0
UK: Data (Use and Access) Regulations published.
The UK has confirmed which key provisions of the Data (Use and Access) Act 2025 will enter into force.
Learn more: bit.ly/4lQj7dN
28.07.2025 20:40 β π 1 π 0 π¬ 0 π 0
EU: EDPS publishes press release on Commission bringing use of Microsoft 365 into compliance.
The EDPS closed its case after the European Commission aligned its use of Microsoft 365 with EU data protection rules.
Check it out: bit.ly/4lSF0Jp
28.07.2025 19:49 β π 0 π 0 π¬ 0 π 0
China: NPC releases global AI action plan.
China has released an AI Action Plan promoting global cooperation, innovation, data sharing, and security standards, while calling for inclusive and sustainable governance of AI.
Read now: bit.ly/4lTXbhK
28.07.2025 17:26 β π 2 π 0 π¬ 0 π 0
Germany: BSI publishes white paper on bias in AI.
The white paper outlines methods for bias detection in both data and AI models. Additionally, it provides strategies for bias mitigation.
Check it out: bit.ly/3IELnkT
25.07.2025 20:47 β π 2 π 2 π¬ 0 π 0
UK: Age verification requirements under Online Safety Act Codes of Practice come into effect.
Ofcom will begin enforcement from July 25, 2025, against any company that allows pornographic content and does not comply with age-check requirements.
Read more: bit.ly/4lMs4EV
25.07.2025 18:47 β π 1 π 0 π¬ 0 π 0
California: CPPA unanimously votes to adopt the Proposed Regulations.
The CPPA will now file the Proposed Regulations with the Office of Administrative Law as the next steps towards the final enactment.
Read now: bit.ly/4mgfBZZ
25.07.2025 15:00 β π 0 π 0 π¬ 0 π 0
New York: Governor announces proposed amendments to utility companies cybersecurity rules for utility, water, and wastewater systems, requiring risk assessments, incident reporting, and response plans.
Read now: bit.ly/44NqnRA
25.07.2025 14:16 β π 0 π 0 π¬ 0 π 0
EU: The European Commission released a template for GPAI model providers to publish summaries of training data, promoting transparency, IP rights, and data protection under the EU AI Act.
Check it out: bit.ly/3IHA5wd
24.07.2025 19:05 β π 0 π 0 π¬ 0 π 0
USA: White House issues AI Action Plan.
The White House unveiled its AI Action Plan to boost innovation, build infrastructure, and remove regulatory barriers while promoting secure and responsible AI adoption.
Read now: bit.ly/455deSK
24.07.2025 15:27 β π 0 π 0 π¬ 0 π 0
California: Bill for California Opt Me Out Act passes third reading in Senate.
The bill would require browsers to support opt-out preference signals and mandate businesses to clearly explain how these signals work.
Check it out: bit.ly/44Mskh7
23.07.2025 20:16 β π 0 π 0 π¬ 0 π 0
International: US and Indonesia reach agreement on data transfers.
The US and Indonesia signed a trade deal allowing cross-border data transfers by recognizing US data protection as adequate under Indonesian law.
Read more: bit.ly/4f8OA8m
23.07.2025 18:35 β π 1 π 0 π¬ 0 π 0
Kentucky: AG files lawsuit against Temu for unlawful processing of personal information.
The Kentucky AG filed a lawsuit against Temu, alleging unlawful data collection, privacy violations, counterfeiting, and deceptive business practices.
Learn more: bit.ly/46Vwbtp
23.07.2025 17:18 β π 0 π 0 π¬ 0 π 0
Flumping along in the world of data since Long Ago. Posts as @castlebridge_chief here and on https://mastodon.ie. CEO @ Castlebridge.ie.
Doctoral candidate at UL looking at #DataGovernance. Author of several books on data stuff.
Not the comedian
π€Insights on GDPR and AI Act| Privacy Nerd and Academic | βοΈLawyer
π‘LinkedIn: https://www.linkedin.com/in/mateusz-kupiec-fip-cipp-e-cipm-289700121?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
privacy, law, AI, star wars
EU digital policy nerd | data protection & privacy | competition | platform & media regulation | identity | cybersecurity
Focus: consent-or-pay & (messaging) interoperability
https://gateklons.substack.com/
π @gateklons@eupolicy.social
π¦ @gateklons
Tech law @cambridgelaw.bsky.social
https://www.law.cam.ac.uk/people/academic/j-cobbe/83662
Advocate for privacy and broader human rights impacted by data.
Love nothing better than a hike in the hills. Embracing Yutori γγ¨γ over on @yutoriwalking.bsky.social
CISO of SentinelOne, teaching at Stanford.
We are the National Cyber Security Centre β part of the UKβs intelligence & cyber agency GCHQ. We help to make the UK the safest place to live and work online.
Cyber and Privacy lawyer at MoFo
Reputation management and privacy lawyer by day. CEO of a social mobility charity, @acceptedcharity.bsky.social / 'BVL' by night. All views my own
Email me: victoria.anderson@accepted.org.uk
Data Protection Dungeon Master.
Speaker, Consultant, Trainer, Voice Actor - available at reasonable rates for interesting projects!
Just a boy, standing in front of a world, asking it to reduce data harms. This is a personal space.
Co-founder of www.aitechprivacy.com (1,250+ participants). Author of www.luizasnewsletter.com (70,000+ subscribers). Mother of 3.
Protecting the privacy and access to information rights of Ontarians
https://www.ipc.on.ca/en
Attorney (privacy, adtech, data stuff), to the extent applicable.
CEO of the IAPP. Working on privacy, AI governance and digital responsibility. π¨π¦
IAPP Editorial Director
Host of The Privacy Advisor Podcast
https://iapp.org/news/privacy-advisor-podcast/
My opinions here, not the IAPPβs.
πποΈπ€βοΈπΉπ₯πΆ
Founder/Managing Partner at
Hintze Law, HINT-zee
AI+privacy+security+cyber influence operations
IAPP Westin Emeritus Fellow
Tech Lawyer (Data Governance & AI) | Board Chair @Weeksville Heritage Center | Advisory Board Member for Startups | 8 x Marathoner | Lover of: Art, Food, Books & Travel. βSometimes I rhyme slow. Sometimes I rhyme quickβ
Professor at the University of Virginia School of Law; Vice President of the Cyber Civil Rights Initiative; #MacFellow; Author of The Fight for Privacy: Protecting Dignity, Identity, and Love in the Digital Age (2022) and Hate Crimes in Cyberspace (2014) π
