We’ve compiled the latest in Data Protection and Privacy news for your convenience below.
1) Newly Published Documentation
🇮🇹 Italy – AI Law Published in Official Gazette
Italy officially published its comprehensive artificial intelligence legislation (in Italian) in the Official Gazette, establishing a regulatory framework for AI systems operating within Italian jurisdiction.
🇨🇭 Switzerland – Website Tracking Regulations
Swiss authorities announced revised digital privacy requirements mandating clear data collection disclosure and simple opt-out options. The framework allows some non-essential cookies without consent if justified by strong interests, while sensitive or high-risk data activities require explicit user approval.
🇪🇺 EU – Digital Platform Compliance Framework
European regulators released collaborative guidance demonstrating how the Digital Markets Act and GDPR work together to safeguard user information and promote competitive fairness among large technology companies.
🇦🇹 Austria – Microsoft 365 Education Victory
Austrian privacy advocates successfully challenged Microsoft 365 Education for tracking school children, with authorities ruling the platform violated student privacy protections.
2) Notable Case Law
🇩🇪 Germany – Hamburg Financial Firm Penalty
Hamburg’s data protection authority fined a financial company €492,000 (in German) for failing to provide customers with adequate explanations about automatic credit card rejections, breaching transparency requirements.
🇺🇸 California – Universal Privacy Controls
California enacted legislation requiring browsers to provide single-click tracking rejection capabilities by January 2027. The measure enables users to block data collection and commercial sharing across all websites simultaneously, eliminating individual site preferences.
3) New and Upcoming Legislation
🇺🇸 USA (Maryland) – Data Privacy Law Effective
Maryland’s new data privacy law became effective on October 1, granting residents rights over personal data, setting business compliance rules, and establishing security standards with potential criminal penalties.
🇳🇴 Norway – Digital Security Act Enforced
Norway’s Digital Security Act took effect (in Norwegian) on October 1, requiring critical sectors to meet strict cybersecurity standards and rapidly report incidents, aligning with European network security directives.
4) Strong Impact Tech
🇺🇸 USA – AI LEAD Act Referred to Committee
The AI Leadership To Enable Accountable Deployment Act was referred to committee, creating a civil liability framework holding AI developers and deployers accountable for negligence and safety violations.
🇺🇸 USA (California) – Frontier AI Transparency Act Signed
California’s Governor signed the Transparency in Frontier Artificial Intelligence Act on September 29, requiring large AI developers to publish risk assessment frameworks and detailed transparency reports.
Other key information from the past weeks
🇧🇷 Brazil – Cybersecurity Legal Framework Pending
Brazil prepared to approve its first Cybersecurity Legal Framework, establishing a National Cybersecurity Authority to unify regulations and enforce national standards across sectors.
🇬🇧 United Kingdom – Apple Cloud Data Access Attempt
UK authorities made renewed attempts to access Apple’s cloud data storage systems, intensifying ongoing disputes over law enforcement access to encrypted user information.
🇩🇪 Germany – EU Child Abuse Scanning Bill Division
Germany remained divided on the EU’s proposed child abuse content scanning legislation, with mounting pressure from various stakeholders regarding privacy and security implications.
👍 Enjoyed this issue? Share it on LinkedIn and subscribe for weekly updates
Latest issues
About us
Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.