Contact
Get notified
Sign In

Activity Tracker
Aggregate Dynamics
Current Threads
Analysis
Explore in Detail
About Us

Activity tracker
Aggregate Dynamics
Countries
Policy Areas
Economic Activities
Current Threads
Analysis
About Us

Contact
Get notified

Activity Tracker

The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.

16446 events advancing 9109 policy or regulatory changes:

Most active jurisdictions Number of policy changes

Graph

Table

Excel

CSV

Most active policy areas Number of policy changes

Excel

CSV

Data governance

3624

Content moderation

1120

Consumer protection

1040

Competition

886

Authorisation, registration and licensing

770

Design and testing standards

610

Other operating condition

327

Taxation

284

Public procurement

141

International trade

120

Labour law

Intellectual property

Foreign direct investment

Instrument unspecified

Subsidies and industrial policy

Regulatory Compliance and Transparency

Targeted economic activity Number of policy changes

Excel

CSV

cross-cutting

2920

platform intermediary: user-generated content

1391

ML and AI development

1069

digital payment provider (incl. cryptocurrencies)

976

other service provider

829

platform intermediary: other

759

platform intermediary: e-commerce

693

infrastructure provider: internet and telecom services

552

software provider: other software

475

online advertising provider

378

infrastructure provider: cloud computing, storage and databases

304

search service provider

294

technological consumer goods

277

streaming service provider

235

software provider: app stores

218

messaging service provider

218

infrastructure provider: network hardware and equipment

138

infrastructure provider: other

118

DLT development

semiconductors

unspecified

Refine your search

Jurisdiction

Select All

Afghanistan

Albania

Algeria

American Samoa

Andorra

Angola

Anguilla

Antigua & Barbuda

Argentina

Armenia

Aruba

Australia

Austria

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belarus

Belgium

Belize

Benin

Bermuda

Bhutan

Bolivia

Bosnia & Herzegovina

Botswana

Brazil

British Virgin Islands

Brunei Darussalam

Bulgaria

Burkina Faso

Burundi

Cambodia

Cameroon

Canada

Cape Verde

Cayman Islands

Central African Republic

Chad

Chile

China

Chinese Taipei

Colombia

Comoros

Congo

Cook Islands

Costa Rica

Croatia

Cuba

Cyprus

Czechia

Denmark

Djibouti

Dominica

Dominican Republic

DPR Korea

DR Congo

Ecuador

Egypt

El Salvador

Equatorial Guinea

Eritrea

Estonia

Eswatini

Ethiopia

Faeroe Islands

Falkland Islands

Fiji

Finland

France

French Guiana

French Polynesia

Gabon

Gambia

Georgia

Germany

Ghana

Greece

Greenland

Grenada

Guadeloupe

Guam

Guatemala

Guinea

Guinea-Bissau

Guyana

Haiti

Honduras

Hong Kong

Hungary

Iceland

India

Indonesia

Iran

Iraq

Ireland

Israel

Italy

Ivory Coast

Jamaica

Japan

Jordan

Kazakhstan

Kenya

Kiribati

Kuwait

Kyrgyzstan

Lao

Latvia

Lebanon

Lesotho

Liberia

Libya

Liechtenstein

Lithuania

Luxembourg

Macao

Macedonia

Madagascar

Malawi

Malaysia

Maldives

Mali

Malta

Marshall Islands

Martinique

Mauritania

Mauritius

Mayotte

Mexico

Micronesia

Monaco

Mongolia

Montenegro

Montserrat

Morocco

Mozambique

Myanmar

Namibia

Nauru

Nepal

Netherlands

Netherlands Antilles

New Caledonia

New Zealand

Nicaragua

Niger

Nigeria

Niue

Norfolk Island

Northern Mariana Islands

Norway

Oman

Pakistan

Palau

Panama

Papua New Guinea

Paraguay

Peru

Philippines

Pitcairn

Poland

Portugal

Puerto Rico

Qatar

Republic of Korea

Republic of Kosovo

Republic of Moldova

Republic of the Sudan

Réunion

Romania

Russia

Rwanda

Saint Helena

Saint Kitts & Nevis

Saint Lucia

Saint Pierre & Miquelon

Saint Vincent & the Grenadines

Saint-Barthélemy

Saint-Martin

Samoa

San Marino

Sao Tome & Principe

Saudi Arabia

Senegal

Serbia

Seychelles

Sierra Leone

Singapore

Slovakia

Slovenia

Solomon Islands

Somalia

South Africa

South Sudan

Spain

Sri Lanka

State of Palestine

Suriname

Svalbard & Jan Mayen Islands

Sweden

Switzerland

Syria

Tajikistan

Tanzania

Thailand

Timor-Leste

Togo

Tokelau

Tonga

Trinidad & Tobago

Tunisia

Turkiye

Turkmenistan

Turks & Caicos Islands

Tuvalu

Uganda

Ukraine

United Arab Emirates

United Kingdom

United States of America

Uruguay

US Virgin Islands

Uzbekistan

Vanuatu

Vatican

Venezuela

Vietnam

Wallis & Futuna Islands

Western Sahara

Yemen

Zambia

Zimbabwe

SACU

MERCOSUR

Latin American Integration Association

Sub-Saharan Africa

East Asia Pacific

Europe and Central Asia

Latin America and the Caribbean

Middle East and North Africa

South Asia

LDCs

G20

Eurasian Economic Union (EEU)

The East African Community (EAC)

North America

Cotton-4

African Union

EBRD

EBRD operating countries

SIECA

ASEAN

European Union

APEC

OECD members

WTO members

ASEAN+3

CPTPP

AfCFTA

BRICS

GCC

Council of Europe

Ibero-American Network of Data Protection (RIPD)

Ibero-American General Secretariat (SEGIB)

UN members

Global Privacy Assembly Members

Forum of Small States Members

Policy Area

Select All

International trade

Competition

Content moderation

Data governance

Subsidies and industrial policy

Instrument unspecified

Other operating conditions

Public procurement

Authorisation, registration and licensing

Taxation

Foreign direct investment

Labour law

Intellectual property

Consumer protection

Design and testing standards

Regulatory Compliance and Transparency

Thread

Select All

Russia & Ukraine: Content regulation and free speech

Russia & Ukraine: Cryptocurrencies and sanction enforcement

Russia & Ukraine: Cybersecurity risk and data transfers

USTR 2022 report content

Competition enforcement in the digital economy

State of trade barriers and internet fragmentation

Protection of user speech rights

US-China tensions under the Holding Foreign Companies Accountable Act

Regulating Artificial Intelligence

The promotion of local online content

China’s new data regime

Enforcing the General Data Protection Regulation

Online content moderation requirements

Empowering enforcement agencies

Upcoming data governance policy developments

Consumer protection in the digital economy

The remuneration of online content

Digital payment policy

Cybersecurity frameworks

E-commerce policy

Employment rules for the digital economy

Regulating digital infrastructure

The non-binding side of digital policy

Registering and licensing the digital economy

The regulation of digital advertisement

Governing cookies

Governing cross-border data transfers

The TikTok crackdown

Data localisation requirements in the digital economy

The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting

Digital Services Taxes

Privacy and Artificial Intelligence

International collaboration on AI governance

Enforcement of the Digital Services Act (DSA)

The Digital Services Act legal framework

The Digital Markets Act legal framework

Enforcement of the Digital Markets Act (DMA)

Highlights in Digital Policy

Online age verification rules

Investigations and restrictions against DeepSeek

Laws and frameworks on government access to data

Policy or Regulatory Instrument

Select All

Import licensing requirement

Import quota

Import tariff

Import tariff quota

Internal taxation of imports

Import ban

Export licensing requirement

Export quota

Export tariff

Export tariff quota

Export subsidy

Export ban

Border measure, nes

Merger control regulation

Unilateral conduct regulation

Anti-competitive agreements regulation

Competition authority governance

Competition, nes

User speech right

Patent protection regulation

Content moderation regulation

Content remuneration regulation

Investment in local content obligation

Local content requirement

Content moderation, nes

Cybersecurity regulation

Data protection regulation

Data localisation requirement

Data governance, nes

Cross-border data transfer regulation

MNE: Entry and ownership rule

MNE: Financial incentive

MNE: Treatment and operations, nes

Financial grant

In-kind grant

Loan guarantee

Production subsidy

State loan

Tax or social insurance relief

State Aid, nes

Instrument unspecified

Infrastructure compensation regulation

Other operating condition, nes

Local operations requirement

Quality of Service requirement

Mandatory software installation requirement

Interoperability requirement

Public procurement blacklisting

Public procurement regulation, nes

Public procurement access

Public procurement localisation

Public procurement preference margin

Operational license requirement

Authorisation of goods or services

Business registration requirement

Prohibition of goods and services

Authorisation, registration and licensing, nes

Direct taxes including Digital Service Taxes

Indirect taxes

Customs duties on electronic transmissions

Taxation, nes

Capital injection and equity stakes (including bailouts)

State aid control

Data protection authority governance

Worker classification or protection regulation

Technology transfer requirement

Content moderation authority governance

Consumer protection, nes

Intellectual property, nes

Worker monitoring regulation

Artificial Intelligence authority governance

Age verification requirement

Organisational requirement

Testing requirement

Performance monitoring requirement

Fair marketing and advertising practice requirement

User/subject right

User identification requirement

Complaint or feedback mechanism requirement

Compliance mechanism regulation

Design requirement

Documentation requirement

Legal due diligence requirement

Notification requirement

Public disclosure requirement

Regulatory cooperation requirement

Risk management requirement

Consumer protection authority governance

Public procurement, nes

Design and testing standards, nes

Labour law, nes

Non-discrimination requirement

Government access to data

Current Status

Select All

under deliberation

under investigation

under litigation

adopted

in force

rejected

revoked

concluded

in consultation

processing consultation

in grace period

under appeal

to be revoked

Economic Activity

Select All

cross-cutting

infrastructure provider: internet and telecom services

online advertising provider

digital payment provider (incl. cryptocurrencies)

platform intermediary: user-generated content

streaming service provider

platform intermediary: e-commerce

ML and AI development

other service provider

unspecified

technological consumer goods

semiconductors

software provider: app stores

DLT development

search service provider

software provider: other software

messaging service provider

platform intermediary: other

infrastructure provider: cloud computing, storage and databases

infrastructure provider: network hardware and equipment

infrastructure provider: other

Government Branch

Select All

legislature

executive

judiciary

Government Body

Select All

parliament

other regulatory body

data protection authority

competition authority

consumer protection authority

central government

central bank

court

supreme court

tax authority

Event Type

Select All

order

outline

inquiry

decision

law

treaty

public lawsuit

investigation

declaration

civil lawsuit

Implementation level

Select All

national

supranational

subnational

bi- or plurilateral agreement

multilateral agreement

other

Event period

01 Jan 2020

26 Mar 2025

Adjust filters

Jurisdiction

Select All

Afghanistan

Albania

Algeria

American Samoa

Andorra

Angola

Anguilla

Antigua & Barbuda

Argentina

Armenia

Aruba

Australia

Austria

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belarus

Belgium

Belize

Benin

Bermuda

Bhutan

Bolivia

Bosnia & Herzegovina

Botswana

Brazil

British Virgin Islands

Brunei Darussalam

Bulgaria

Burkina Faso

Burundi

Cambodia

Cameroon

Canada

Cape Verde

Cayman Islands

Central African Republic

Chad

Chile

China

Chinese Taipei

Colombia

Comoros

Congo

Cook Islands

Costa Rica

Croatia

Cuba

Cyprus

Czechia

Denmark

Djibouti

Dominica

Dominican Republic

DPR Korea

DR Congo

Ecuador

Egypt

El Salvador

Equatorial Guinea

Eritrea

Estonia

Eswatini

Ethiopia

Faeroe Islands

Falkland Islands

Fiji

Finland

France

French Guiana

French Polynesia

Gabon

Gambia

Georgia

Germany

Ghana

Greece

Greenland

Grenada

Guadeloupe

Guam

Guatemala

Guinea

Guinea-Bissau

Guyana

Haiti

Honduras

Hong Kong

Hungary

Iceland

India

Indonesia

Iran

Iraq

Ireland

Israel

Italy

Ivory Coast

Jamaica

Japan

Jordan

Kazakhstan

Kenya

Kiribati

Kuwait

Kyrgyzstan

Lao

Latvia

Lebanon

Lesotho

Liberia

Libya

Liechtenstein

Lithuania

Luxembourg

Macao

Macedonia

Madagascar

Malawi

Malaysia

Maldives

Mali

Malta

Marshall Islands

Martinique

Mauritania

Mauritius

Mayotte

Mexico

Micronesia

Monaco

Mongolia

Montenegro

Montserrat

Morocco

Mozambique

Myanmar

Namibia

Nauru

Nepal

Netherlands

Netherlands Antilles

New Caledonia

New Zealand

Nicaragua

Niger

Nigeria

Niue

Norfolk Island

Northern Mariana Islands

Norway

Oman

Pakistan

Palau

Panama

Papua New Guinea

Paraguay

Peru

Philippines

Pitcairn

Poland

Portugal

Puerto Rico

Qatar

Republic of Korea

Republic of Kosovo

Republic of Moldova

Republic of the Sudan

Réunion

Romania

Russia

Rwanda

Saint Helena

Saint Kitts & Nevis

Saint Lucia

Saint Pierre & Miquelon

Saint Vincent & the Grenadines

Saint-Barthélemy

Saint-Martin

Samoa

San Marino

Sao Tome & Principe

Saudi Arabia

Senegal

Serbia

Seychelles

Sierra Leone

Singapore

Slovakia

Slovenia

Solomon Islands

Somalia

South Africa

South Sudan

Spain

Sri Lanka

State of Palestine

Suriname

Svalbard & Jan Mayen Islands

Sweden

Switzerland

Syria

Tajikistan

Tanzania

Thailand

Timor-Leste

Togo

Tokelau

Tonga

Trinidad & Tobago

Tunisia

Turkiye

Turkmenistan

Turks & Caicos Islands

Tuvalu

Uganda

Ukraine

United Arab Emirates

United Kingdom

United States of America

Uruguay

US Virgin Islands

Uzbekistan

Vanuatu

Vatican

Venezuela

Vietnam

Wallis & Futuna Islands

Western Sahara

Yemen

Zambia

Zimbabwe

SACU

MERCOSUR

Latin American Integration Association

Sub-Saharan Africa

East Asia Pacific

Europe and Central Asia

Latin America and the Caribbean

Middle East and North Africa

South Asia

LDCs

G20

Eurasian Economic Union (EEU)

The East African Community (EAC)

North America

Cotton-4

African Union

EBRD

EBRD operating countries

SIECA

ASEAN

European Union

APEC

OECD members

WTO members

ASEAN+3

CPTPP

AfCFTA

BRICS

GCC

Council of Europe

Ibero-American Network of Data Protection (RIPD)

Ibero-American General Secretariat (SEGIB)

UN members

Global Privacy Assembly Members

Forum of Small States Members

Policy Area

Select All

International trade

Competition

Content moderation

Data governance

Subsidies and industrial policy

Instrument unspecified

Other operating conditions

Public procurement

Authorisation, registration and licensing

Taxation

Foreign direct investment

Labour law

Intellectual property

Consumer protection

Design and testing standards

Regulatory Compliance and Transparency

Thread

Select All

Russia & Ukraine: Content regulation and free speech

Russia & Ukraine: Cryptocurrencies and sanction enforcement

Russia & Ukraine: Cybersecurity risk and data transfers

USTR 2022 report content

Competition enforcement in the digital economy

State of trade barriers and internet fragmentation

Protection of user speech rights

US-China tensions under the Holding Foreign Companies Accountable Act

Regulating Artificial Intelligence

The promotion of local online content

China’s new data regime

Enforcing the General Data Protection Regulation

Online content moderation requirements

Empowering enforcement agencies

Upcoming data governance policy developments

Consumer protection in the digital economy

The remuneration of online content

Digital payment policy

Cybersecurity frameworks

E-commerce policy

Employment rules for the digital economy

Regulating digital infrastructure

The non-binding side of digital policy

Registering and licensing the digital economy

The regulation of digital advertisement

Governing cookies

Governing cross-border data transfers

The TikTok crackdown

Data localisation requirements in the digital economy

The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting

Digital Services Taxes

Privacy and Artificial Intelligence

International collaboration on AI governance

Enforcement of the Digital Services Act (DSA)

The Digital Services Act legal framework

The Digital Markets Act legal framework

Enforcement of the Digital Markets Act (DMA)

Highlights in Digital Policy

Online age verification rules

Investigations and restrictions against DeepSeek

Laws and frameworks on government access to data

Policy or Regulatory Instrument

Select All

Import licensing requirement

Import quota

Import tariff

Import tariff quota

Internal taxation of imports

Import ban

Export licensing requirement

Export quota

Export tariff

Export tariff quota

Export subsidy

Export ban

Border measure, nes

Merger control regulation

Unilateral conduct regulation

Anti-competitive agreements regulation

Competition authority governance

Competition, nes

User speech right

Patent protection regulation

Content moderation regulation

Content remuneration regulation

Investment in local content obligation

Local content requirement

Content moderation, nes

Cybersecurity regulation

Data protection regulation

Data localisation requirement

Data governance, nes

Cross-border data transfer regulation

MNE: Entry and ownership rule

MNE: Financial incentive

MNE: Treatment and operations, nes

Financial grant

In-kind grant

Loan guarantee

Production subsidy

State loan

Tax or social insurance relief

State Aid, nes

Instrument unspecified

Infrastructure compensation regulation

Other operating condition, nes

Local operations requirement

Quality of Service requirement

Mandatory software installation requirement

Interoperability requirement

Public procurement blacklisting

Public procurement regulation, nes

Public procurement access

Public procurement localisation

Public procurement preference margin

Operational license requirement

Authorisation of goods or services

Business registration requirement

Prohibition of goods and services

Authorisation, registration and licensing, nes

Direct taxes including Digital Service Taxes

Indirect taxes

Customs duties on electronic transmissions

Taxation, nes

Capital injection and equity stakes (including bailouts)

State aid control

Data protection authority governance

Worker classification or protection regulation

Technology transfer requirement

Content moderation authority governance

Consumer protection, nes

Intellectual property, nes

Worker monitoring regulation

Artificial Intelligence authority governance

Age verification requirement

Organisational requirement

Testing requirement

Performance monitoring requirement

Fair marketing and advertising practice requirement

User/subject right

User identification requirement

Complaint or feedback mechanism requirement

Compliance mechanism regulation

Design requirement

Documentation requirement

Legal due diligence requirement

Notification requirement

Public disclosure requirement

Regulatory cooperation requirement

Risk management requirement

Consumer protection authority governance

Public procurement, nes

Design and testing standards, nes

Labour law, nes

Non-discrimination requirement

Government access to data

Current Status

Select All

under deliberation

under investigation

under litigation

adopted

in force

rejected

revoked

concluded

in consultation

processing consultation

in grace period

under appeal

to be revoked

Economic Activity

Select All

cross-cutting

infrastructure provider: internet and telecom services

online advertising provider

digital payment provider (incl. cryptocurrencies)

platform intermediary: user-generated content

streaming service provider

platform intermediary: e-commerce

ML and AI development

other service provider

unspecified

technological consumer goods

semiconductors

software provider: app stores

DLT development

search service provider

software provider: other software

messaging service provider

platform intermediary: other

infrastructure provider: cloud computing, storage and databases

infrastructure provider: network hardware and equipment

infrastructure provider: other

Government Branch

Select All

legislature

executive

judiciary

Government Body

Select All

parliament

other regulatory body

data protection authority

competition authority

consumer protection authority

central government

central bank

court

supreme court

tax authority

Event Type

Select All

order

outline

inquiry

decision

law

treaty

public lawsuit

investigation

declaration

civil lawsuit

Implementation level

Select All

national

supranational

subnational

bi- or plurilateral agreement

multilateral agreement

other

Event period

01 Jan 2020

26 Mar 2025

16446 events advancing 9109 policy or regulatory changes:

CSV Excel

concluded

Public Accounts Committee inquiry into use of AI in government

Latest event Date: 2025-03-26 inquiry closure

Public Accounts Committee issued report on use of AI in government including public procurement access

On 26 March 2025, the Public Accounts Committee (PAC) in the House of Commons issued a report titled Government’s Use of Artificial Intelligence, which examined the ability of public sector procurement systems to support a competitive and innovative…

Implementer

United Kingdom

Policy area Public procurement

Policy or regulatory element Public procurement access

Economic activity ML and AI development, other service provider

processing consultation

Act on protection of minors against access to harmful content on the Internet

Latest event Date: 2025-03-26 law consultation closed

Ministry of Digitalisation closes consultation on draft Act on protection of minors against access to harmful content on the Internet

On 26 March 2025, the Ministry of Digitalisation closes its public consultation on the draft Act on the protection of minors against access to harmful content on the Internet. The draft Act aims to limit minors' access to pornographic content and in…

Implementer

Poland

Policy area Consumer protection

Policy or regulatory element Age verification requirement

Economic activity infrastructure provider: internet and telecom services, platform intermediary: user-generated content

in consultation

National Commission on Informatics and Liberty recommendation on use of location data from connected vehicles

Latest event Date: 2025-03-25 outline consultation opened

National Commission on Informatics and Liberty opened consultation on draft recommendation on use of location data from connected vehicles

On 25 March 2025, the National Commission on Informatics and Liberty (CNIL) initiated a public consultation, set to close on 20 May 2025, on a draft recommendation focused on location data usage by connected vehicles in the technological consumer go…

Implementer

France

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity technological consumer goods, software provider: other software, infrastructure provider: cloud computing, storage and databases

in grace period

Regulation (EU) 2025/327 establishing a European Health Data Space (EHDS) including rules for portability and sharing of health data

Latest event Date: 2025-03-25 law in force with grace period

European Health Data Space (EHDS) Regulation (2025/327) enters into force with grace period

On 25 March 2025, the European Health Data Space (EHDS) Regulation (2025/327) entered into force with a grace period. The Regulation facilitates access to electronic health data for primary use in healthcare and secondary use for research, policy ma…

Implementer

European Union

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

processing consultation

Privacy Protection Authority statement on implementation of consent principle

Latest event Date: 2025-03-24 outline consultation closed

Privacy Protection Authority closes consultation on statement on implementation of consent principle

On 24 March 2025, the Privacy Protection Authority of Israel closes a public consultation on the statement clarifying the application of the consent principle under national data protection laws. The statement reflects the legal interpretation that …

Implementer

Israel

Policy area Data governance

Policy or regulatory element Data protection authority governance

Economic activity cross-cutting

rejected

Testing requirements in Act on the development, deployment and use of high-risk artificial intelligence (HB 2094)

Latest event Date: 2025-03-24 law veto

High-Risk Artificial Intelligence Developer and Deployer Act including testing requirements (HB 2094) was vetoed by Governor

On 24 March 2025, the Virginia Governor vetoed the Act on the development, deployment, and use of high-risk artificial intelligence (AI). The Act would have outlined the responsibilities of developers and deployers of AI. In particular, it would hav…

Implementer

United States of America

Policy area Design and testing standards

Policy or regulatory element Testing requirement

Economic activity ML and AI development

rejected

Design requirements in Act on development, deployment and use of high-risk artificial intelligence (HB 2094)

Latest event Date: 2025-03-24 law veto

Act on the development, deployment and use of high-risk artificial intelligence including design requirements (HB 2094) was vetoed by Governor

On 24 March 2025, the Virginia Governor vetoed the Act on the development, deployment, and use of high-risk artificial intelligence (AI). The Act would have applied to developers and deployers of high-risk AI systems in Virginia. It would have requi…

Implementer

United States of America

Policy area Design and testing standards

Policy or regulatory element Design requirement

Economic activity ML and AI development

processing consultation

Prudential Regulation Authority inquiry into firms' exposure to cryptoassets

Latest event Date: 2025-03-24 inquiry consultation closed

Closed consultation on Prudential Regulation Authority inquiry into firms' exposure to cryptoassets

On 24 March 2025, the Prudential Regulation Authority (PRA) closes its data request to gather information on firms' current expected future crypto-asset exposures and their application of the Basel framework for the prudential treatment of cryptoass…

Implementer

United Kingdom

Policy area Consumer protection

Policy or regulatory element Quality of Service requirement

Economic activity digital payment provider (incl. cryptocurrencies), DLT development

under investigation

Office of the Privacy Commissioner of Canada and UK Information Commissioner's Office joint investigation into 23andMe's compliance with cybersecurity regulations

Latest event Date: 2025-03-24 investigation interim ruling

UK Information Commissioner’s Office issued provisional findings and proposed fine to 23andMe following joint investigation with Office of the Privacy Commissioner of Canada regarding compliance with cybersecurity regulations

On 24 March 2025, the UK Information Commissioner’s Office (ICO) issued provisional findings, a notice of intent to impose a fine of £4.59 million, and a preliminary enforcement notice to 23andMe. This action followed a joint investigation with the …

Implementer

CanadaUnited Kingdom

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity other service provider

adopted

National Institute of Standards and Technology's Guidance on Adversarial Machine Learning Threats

Latest event Date: 2025-03-24 outline adoption

Published updated NIST Guidance on Adversarial Machine Learning Threats (NIST.AI.100-2 E2025)

On 24 March 2025, the National Institute of Standards and Technology (NIST) published an updated version of Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations (NIST.AI.100-2 E2025). This provides an update from the i…

Implementer

United States of America

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity ML and AI development

Showing 12 items per page

Page

...

911

Contact

Twitter

Get notified

Current

Digital Services Taxes
The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting
Data localisation requirements in the digital economy

An SGEPT initiative

All content is available under the Creative Commons Attribution 4.0 International license, except where otherwise stated.

Imprint Privacy Policy

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.