The existing real-time bidding infrastructure as a key element underpinning the "free" internet is poised to be upended by the U.S. Department of Justice's final rule restricting the flow of bulk transfers of sensitive data to six adversarial countries, Senior Data Privacy and Compliance Consultant Mandy Lit, CIPP/C, CIPM, FIP, writes in an op-ed.
IAB Europe published a study exploring how European consumers view online advertising, data protection and the trade-offs required to sustain free digital services. The study surveyed 10,500 web users ages 16 and older in 12 European Economic Area nations and found the average European consumer enjoys 212 euros worth of services per month, which is primarily funded through advertising.
The U.K. Department for Science, Innovation and Technology released the Cyber Governance Code of Practice, geared toward helping directors and boards adhere to cybersecurity best practices. "Building and maintaining cyber resilience is therefore crucial to protecting organisations' financial viability," the DSIT stated.
The U.S. Court of Appeals for the 4th Circuit ruled the Department of Government Efficiency could access citizens' personally identifiable information collected by government agencies, The Hill reports.
France's data protection authority, the Commission nationale de l'informatique et des libertés, updated its recommendations on mobile app data protection. The updated recommendations, previously published fall 2024, correct "certain errors, omissions or inconsistencies" and is annotated to point out where corrections have been made.Full story
South Korea's Personal Information Protection Commission is seeking products to review under its Privacy By Design 2025 certification program. The PIPC is specifically targeting "information and communication technology products with personal information collection functions." Applications must be submitted by 9 May.Full story
Regulatory proposals in the EU and the U.K. aiming to prevent and detect child sexual abuse material are raising data protection and surveillance concerns, Euractiv reports. The U.K.
Spain's data protection authority, the Agencia Española de Protección de Datos, issued guidance on protecting personal data when using online services to convert photos to "Ghibli" style images. The AEPD recommended individuals use well-known apps with secure privacy policies to ensure their data remains protected.Full story
The California Privacy Protection Agency's final rules on automated decision-making technology, risk assessments and cybersecurity audits are drawing closer to completion, but the agency is still grappling with concerns and potential draft changes from the CPPA Board. IAPP Staff Writer Caitlin Andrews reports on the board's proposed modifications and restlessness around the timeline for finalization.Full story
The U.K. Investigatory Powers Tribunal ruled the government's dispute with Apple over access to users' encrypted data will be public, BBC News reports. The court ruling stated maintaining secrecy around the case would have been "a truly extraordinary step" and "we do not accept that the revelation of the bare details of the case would be damaging to the public interest or prejudicial to national security."Full story