Iubenda logo
Start generating


Table of Contents

DPO Newsletter: Data Protection & Privacy News (issue #117)

DPO Newsletter: Global Data Protection & Privacy News

We’ve compiled the latest in Data Protection and Privacy news for your convenience below.

1) Newly Published Documentation

  • The European Commission adopted its adequacy decision on the EU-US Data Privacy Framework (DPF) on July 10, 2023. Read about it here →
  • The European Commission has proposed the introduction of the GDPR Procedural Regulation, which, if adopted, will support the enforcement of the GDPR in cross-border cases. Read here →
  • The Commission nationale de l’informatique et des libertĂ©s (CNIL), has published a technical recommendation concerning data sharing through Application Programming Interface (API). Press release here → (in French)
  • The Norwegian data protection authority and the Norwegian Accreditation have entered into a cooperation agreement on the accreditation of certification bodies under the GDPR. Read here → (in Norwegian)

2) Notable Case Law

  • In the case Meta vs Bundeskartellamt the Court of Justice of the European Union (CJEU) has issued a ruling on Meta’s (formerly Facebook) GDPR approach. Read about the decision here →
  • Brazil’s data protection authority, the Autoridade Nacional de Proteção de Dados (ANPD) has issued its first enforcement action against the telemarketing firm Telekall Infoservice for violating the LGPD and failure to cooperate with the ANPD’s investigation. The Authority’s summary can be found here → (in Portuguese)

3) New and Upcoming Legislation

US law updates:

  • California: Senate Bill 680 which relates to amendments to the Civil Code and calls for a civil penalty in relation to social media platforms which include features that harm children, has passed Senate and the Assembly Committee.
  • Louisiana: Senate Bill 162 which creates the Secure Online Child Interaction and Age Limitation Act was signed by the Governor and enters into force on 1st of July 2024.
  • Washington: The Office of the Attorney General of Washington state has published a number of Frequently Asked Questions on the My Health My Data Act, part of which comes into effect on 23 July 2023.

4) Strong Impact Tech

  • Further to release in the US, UK and several other countries, Meta has delayed the release of Threads within the European Union (EU) further to uncertainty over personal data use. It has been reported that “Threads imports data from Meta’s Instagram and tells U.S. users that it collects health, financial, location, search and other data.” The Twitter rival faces privacy hurdles within the EU, therefore its impending launch remains to be seen. Reported here on our blog →

Other key information from the past weeks

  • Italy’s Data Protection Authority (Garante) fined Benetton Group €240,000 for violating data protection principles and security requirements in terms of Articles 5 and 32 of the GDPR.
  • The Swedish Authority for Privacy Protection (IMY) has ordered the companies CDON AB, Coop Sverige, Dagens Industri and Tele2 Sverige to stop using Google Analytics.
  • The United Kingdom and Singapore have signed two Memoranda of Understanding, one concerning emerging technologies and the other relating to data cooperation.

đź‘Ť Enjoyed this issue? Share it on LinkedIn and subscribe for weekly updates

About us


Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.