An IAPP Global Privacy Summit 2025 panel of European data protection regulators tackled the thorny issues around pay-or-consent models mere hours after the European Commission levied a 200 million euro Digital Markets Act fine against Meta related to the same topic.
U.S. state privacy regulators are tuning up their enforcement approaches with an eye toward more collaboration and meaningful actions that promote strong compliance. IAPP News Editor Joe Duball reports from the Global Privacy Summit 2025 on insights from a pair of regulator panels into how state enforcers are going about their business.Full story
As more jurisdictions consider AI laws, the question of how regulators can create cross-border enforcement remains. IAPP Staff Writer Caitlin Andrews reports from the IAPP Global Privacy Summit 2025 on how digital regulators from Brazil, Italy and Singapore have taken different tactics toward enforcement based on their country's unique laws and where agreement can be found.Full story
Japan's Personal Information Protection Commissioner Shuhei Ohshima and U.K. Minister of State for Data Protection and Telecoms Chris Bryant issued a joint statement reaffirming and expanding the scope of the Japan-U.K. data adequacy agreement.
Following Google's announcement that it will forego its initiative to end third-party cookies, the World Wide Web Consortium reiterated its concerns and argued third-party cookies must be removed. "Third-party cookies are not good for the web.
The U.S. Department of Health and Human Services' Office for Civil Rights and California-based PIH Health reached a USD600,000 settlement over potential Health Insurance Portability and Accountability Act violations. The violations stem from a phishing attack that compromised employee email accounts and exposed unsecured electronic protected health information, affecting nearly 200,000 individuals. Full story
Toshiba Europe researchers used quantum key distribution cryptography to send encrypted messages over a German commercial telecommunications network, the Financial Times reports. Toshiba Europe Senior Scientist Robert Woodward said the research findings pave "the way for national and international scale deployment of quantum-secure communication infrastructure." Full story
South Korea's Personal Information Protection Commission published its findings of a preliminary on-site inspection of AI company DeepSeek. The PIPC's recommendations include ensuring legal grounds are completely established for transferring South Korean citizens' data to China, immediately destroying personal data previously transferred and improving transparency by publishing privacy notices in the Korean language.
The State of Florida filed a lawsuit against Snapchat parent company Snap for allegedly violating a state law barring children under age 14 from opening accounts on websites designated by the state to have "addictive features" as part of its services, MediaPost reports. The law allows 14 and 15-year-olds to open accounts with such websites if they have parental consent.Full story
Citizens of France, Germany, Italy, Spain and the U.K. are generally less enthusiastic than business leaders about the widespread adoption of AI technology, according to polling obtained by Euronews. The survey polled 8,000 citizens across the five countries and 740 business leaders about 15 different frontier technologies, including generative AI.