Activity Tracker
The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.
465 events advancing 326 policy or regulatory changes:
Graph
Table
Amendments to the Act on Consumer Protection in Electronic Commerce (E-Commerce Act/Bill no. 2120122/Act no.19255)
Implemented Act amending Consumer Protection in Electronic Commerce (E-Commerce Act/Bill no. 2120122/Act no.19255)
On 22 March 2024, the Act amending Consumer Protection in Electronic Commerce (E-Commerce Act/Bill no. 2120122/Act no.19255) entered into force. The Act broadens competencies for certain institutions. Previously, the Fair Trade Commission was the on…
Implementation Rules for Product Quality Supervision and Random Inspections
Closed public consultation on Implementation Rules for Product Quality Supervision and Random Inspections
On 19 March 2024, the State Administration for Market Regulation (SAMR) closed the public consultation on the revised implementation rules for 147 types of product quality supervision and random inspections, including servers. The revisions aim to i…
Updated Guidance on Online Tracking Technologies for HIPAA Covered Entities and Business Associates
Issued Updated Guidance on Online Tracking Technologies for HIPAA Covered Entities and Business Associates
On 18 March 2024, the Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) issued an updated Guidance outlining the responsibilities of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered ent…
Data-sharing measures in Regulation on data collection and sharing for short-term accommodation rental services
Adopted Regulation on data collection and sharing for short-term accommodation rentals including data-sharing measures by Council
On 18 March 2024, the Council of the European Union adopted the regulation on data collection and sharing for short-term accommodation rentals, including data-sharing measures. The regulation aims to harmonise and streamline the framework for data g…
NYDFS Insurance Circular Letter on AI use
Closed consultation on proposed Insurance Circular Letter on AI use
On 17 March 2024, the New York Department of Financial Services (NYDFS) closed a consultation on a proposed AI guidance for insurers. The Circular outlines NYDFS’s expectations towards insurers who use external consumer data and information sources …
IMY investigation into its decisions in complaints against holders of voluntary issuance certificates following Court of Appeal ruling on GDPR precedence
Announced IMY investigation into its decisions in complaints against holders of voluntary issuance certificates following Court of Appeal ruling on GDPR precedence
On 15 March 2024, the Swedish Data Protection Authority (IMY) announced a review of its handling of complaints against holders of voluntary publication licenses under the EU Data Protection Regulation (GDPR). This decision was made following the rul…
Data Protection Authority Statement Regarding Processing of Employee Health Data by Medical Entities
Issued Data Protection Authority Statement on Processing Employee Health Data by Medical Entities
On 15 March 2024, the Polish Data Protection Authority (UODO) issued a statement on the processing of health data by medical entities in a dual role as both employers and medical service providers. This was the case in the judgment of 21 December 20…
MIIT Notice for apps infringing user rights and interests
Issued MIIT Notice for Apps Infringing User Rights and Interests in March 2024
On 14 March 2024, the Chinese Ministry of Industry and Information Technology (MIIT) issued an order listing 62 apps and SDKs that were found to commit user rights violations. In particular, the apps and SDKs were found to breach the Personal Inform…
PIPC investigation into True Good Travel, Luan Korea, and D.H. International over alleged non-compliance with Personal Information Protection Act
Issued PIPC fines to True Good Travel, Luan Korea, and D.H. International for breaching Personal Information Protection Act
On 14 March 2024, the Korean Personal Information Protection Commission (PIPC) imposed fines of KRW 339'907 million and penalties of KRW 18 million on True Good Travel, Luan Korea, and D.H. International. The companies were found to have violated Ar…
Lawsuit concerning certificates of issue under Freedom Press Ordinance precedence over GDPR (Case 6027-23)
Issued ruling in lawsuit concerning certificates of issue under Freedom Press Ordinance precedence over GDPR (Case 6027-23)
On 13 March 2024, the Court of Appeal in Stockholm issued a ruling (Case 6027-23) on the applicability of the EU Data Protection Regulation (GDPR) in relation to the Swedish constitutional protection under the Basic Law on Freedom of Expression over…