Contact
Get notified
Sign In

Activity Tracker
Explore in Detail
Current Threads
Analysis
Support Us
- About Us
- Donate
API Access

Activity tracker
Aggregate Dynamics
Countries
Policy Areas
Economic Activities
Current Threads
Analysis
About Us
Donate
API Access

Contact
Get notified
Sign In

Activity Tracker

The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.

266 events advancing 233 policy or regulatory changes:

Most active jurisdictions Number of policy changes

Graph

Table

Most active policy areas Number of policy changes

Targeted economic activity Number of policy changes

Refine your search

Jurisdiction

Select All

Afghanistan

Albania

Algeria

American Samoa

Andorra

Angola

Anguilla

Antigua & Barbuda

Argentina

Armenia

Aruba

Australia

Austria

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belarus

Belgium

Belize

Benin

Bermuda

Bhutan

Bolivia

Bosnia & Herzegovina

Botswana

Brazil

British Virgin Islands

Brunei Darussalam

Bulgaria

Burkina Faso

Burundi

Cambodia

Cameroon

Canada

Cape Verde

Cayman Islands

Central African Republic

Chad

Chile

China

Chinese Taipei

Colombia

Comoros

Congo

Cook Islands

Costa Rica

Croatia

Cuba

Cyprus

Czechia

Denmark

Djibouti

Dominica

Dominican Republic

DPR Korea

DR Congo

Ecuador

Egypt

El Salvador

Equatorial Guinea

Eritrea

Estonia

Eswatini

Ethiopia

Faeroe Islands

Falkland Islands

Fiji

Finland

France

French Guiana

French Polynesia

Gabon

Gambia

Georgia

Germany

Ghana

Greece

Greenland

Grenada

Guadeloupe

Guam

Guatemala

Guinea

Guinea-Bissau

Guyana

Haiti

Honduras

Hong Kong

Hungary

Iceland

India

Indonesia

Iran

Iraq

Ireland

Israel

Italy

Ivory Coast

Jamaica

Japan

Jordan

Kazakhstan

Kenya

Kiribati

Kuwait

Kyrgyzstan

Lao

Latvia

Lebanon

Lesotho

Liberia

Libya

Liechtenstein

Lithuania

Luxembourg

Macao

Macedonia

Madagascar

Malawi

Malaysia

Maldives

Mali

Malta

Marshall Islands

Martinique

Mauritania

Mauritius

Mayotte

Mexico

Micronesia

Monaco

Mongolia

Montenegro

Montserrat

Morocco

Mozambique

Myanmar

Namibia

Nauru

Nepal

Netherlands

Netherlands Antilles

New Caledonia

New Zealand

Nicaragua

Niger

Nigeria

Niue

Norfolk Island

Northern Mariana Islands

Norway

Oman

Pakistan

Palau

Panama

Papua New Guinea

Paraguay

Peru

Philippines

Pitcairn

Poland

Portugal

Puerto Rico

Qatar

Republic of Korea

Republic of Kosovo

Republic of Moldova

Republic of the Sudan

Réunion

Romania

Russia

Rwanda

Saint Helena

Saint Kitts & Nevis

Saint Lucia

Saint Pierre & Miquelon

Saint Vincent & the Grenadines

Saint-Barthélemy

Saint-Martin

Samoa

San Marino

Sao Tome & Principe

Saudi Arabia

Senegal

Serbia

Seychelles

Sierra Leone

Singapore

Slovakia

Slovenia

Solomon Islands

Somalia

South Africa

South Sudan

Spain

Sri Lanka

State of Palestine

Suriname

Svalbard & Jan Mayen Islands

Sweden

Switzerland

Syria

Tajikistan

Tanzania

Thailand

Timor-Leste

Togo

Tokelau

Tonga

Trinidad & Tobago

Tunisia

Turkiye

Turkmenistan

Turks & Caicos Islands

Tuvalu

Uganda

Ukraine

United Arab Emirates

United Kingdom

United States of America

Uruguay

US Virgin Islands

Uzbekistan

Vanuatu

Vatican

Venezuela

Vietnam

Wallis & Futuna Islands

Western Sahara

Yemen

Zambia

Zimbabwe

SACU

MERCOSUR

Latin American Integration Association

Sub-Saharan Africa

East Asia Pacific

Europe and Central Asia

Latin America and the Caribbean

Middle East and North Africa

South Asia

LDCs

G20

Eurasian Economic Union (EEU)

The East African Community (EAC)

North America

Cotton-4

African Union

EBRD

EBRD operating countries

SIECA

ASEAN

European Union

APEC

OECD members

WTO members

ASEAN+3

CPTPP

AfCFTA

BRICS

GCC

Council of Europe

Ibero-American Network of Data Protection (RIPD)

Ibero-American General Secretariat (SEGIB)

UN members

Global Privacy Assembly Members

Forum of Small States Members

BRICS+

Policy Area

Select All

International trade

Competition

Content moderation

Data governance

Subsidies and industrial policy

Instrument unspecified

Other operating conditions

Public procurement

Authorisation, registration and licensing

Taxation

Foreign direct investment

Labour law

Intellectual property

Consumer protection

Design and testing standards

Regulatory Compliance and Transparency

Thread

Select All

Russia & Ukraine: Content regulation and free speech

Russia & Ukraine: Cryptocurrencies and sanction enforcement

Russia & Ukraine: Cybersecurity risk and data transfers

USTR 2022 report content

Competition enforcement in the digital economy

State of trade barriers and internet fragmentation

Protection of user speech rights

US-China tensions under the Holding Foreign Companies Accountable Act

Regulating Artificial Intelligence

The promotion of local online content

China’s new data regime

Enforcing the General Data Protection Regulation

Online content moderation requirements

Empowering enforcement agencies

Upcoming data governance policy developments

Consumer protection in the digital economy

The remuneration of online content

Digital payment policy

Cybersecurity frameworks

E-commerce policy

Employment rules for the digital economy

Regulating digital infrastructure

The non-binding side of digital policy

Registering and licensing the digital economy

The regulation of digital advertisement

Governing cookies

Governing cross-border data transfers

The TikTok crackdown

Data localisation requirements in the digital economy

The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting

Digital Services Taxes

Privacy and Artificial Intelligence

International collaboration on AI governance

Enforcement of the Digital Services Act (DSA)

The Digital Services Act legal framework

The Digital Markets Act legal framework

Enforcement of the Digital Markets Act (DMA)

Highlights in Digital Policy

Online age verification rules

Investigations and restrictions against DeepSeek

Laws and frameworks on government access to data

Policy or Regulatory Instrument

Select All

Import licensing requirement

Import quota

Import tariff

Import tariff quota

Internal taxation of imports

Import ban

Export licensing requirement

Export quota

Export tariff

Export tariff quota

Export subsidy

Export ban

Border measure, nes

Merger control regulation

Unilateral conduct regulation

Anti-competitive agreements regulation

Competition authority governance

Competition, nes

User speech right

Patent protection regulation

Content moderation regulation

Content remuneration regulation

Investment in local content obligation

Local content requirement

Content moderation, nes

Cybersecurity regulation

Data protection regulation

Data localisation requirement

Data governance, nes

Cross-border data transfer regulation

MNE: Entry and ownership rule

MNE: Financial incentive

MNE: Treatment and operations, nes

Financial grant

In-kind grant

Loan guarantee

Production subsidy

State loan

Tax or social insurance relief

State Aid, nes

Instrument unspecified

Infrastructure compensation regulation

Other operating condition, nes

Local operations requirement

Quality of Service requirement

Mandatory software installation requirement

Interoperability requirement

Public procurement blacklisting

Public procurement regulation, nes

Public procurement access

Public procurement localisation

Public procurement preference margin

Operational license requirement

Authorisation of goods or services

Business registration requirement

Prohibition of goods and services

Authorisation, registration and licensing, nes

Direct taxes including Digital Service Taxes

Indirect taxes

Customs duties on electronic transmissions

Taxation, nes

Capital injection and equity stakes (including bailouts)

State aid control

Data protection authority governance

Worker classification or protection regulation

Technology transfer requirement

Content moderation authority governance

Consumer protection, nes

Intellectual property, nes

Worker monitoring regulation

Artificial Intelligence authority governance

Age verification requirement

Organisational requirement

Testing requirement

Performance monitoring requirement

Fair marketing and advertising practice requirement

User/subject right

User identification requirement

Complaint or feedback mechanism requirement

Compliance mechanism regulation

Design requirement

Documentation requirement

Legal due diligence requirement

Notification requirement

Public disclosure requirement

Regulatory cooperation requirement

Risk management requirement

Consumer protection authority governance

Public procurement, nes

Design and testing standards, nes

Labour law, nes

Non-discrimination requirement

Government access to data

Current Status

Select All

under deliberation

under investigation

under litigation

adopted

in force

rejected

revoked

concluded

in consultation

processing consultation

in grace period

under appeal

to be revoked

Economic Activity

Select All

cross-cutting

infrastructure provider: internet and telecom services

online advertising provider

digital payment provider (incl. cryptocurrencies)

platform intermediary: user-generated content

streaming service provider

platform intermediary: e-commerce

ML and AI development

other service provider

unspecified

technological consumer goods

semiconductors

software provider: app stores

DLT development

search service provider

software provider: other software

messaging service provider

platform intermediary: other

infrastructure provider: cloud computing, storage and databases

infrastructure provider: network hardware and equipment

infrastructure provider: other

Government Branch

Select All

legislature

executive

judiciary

Government Body

Select All

parliament

other regulatory body

data protection authority

competition authority

consumer protection authority

central government

central bank

court

supreme court

tax authority

Event Type

Select All

order

outline

inquiry

decision

law

treaty

public lawsuit

investigation

declaration

civil lawsuit

Implementation level

Select All

national

supranational

subnational

bi- or plurilateral agreement

multilateral agreement

other

Event period

Reset filters

Adjust filters

Jurisdiction

Select All

Afghanistan

Albania

Algeria

American Samoa

Andorra

Angola

Anguilla

Antigua & Barbuda

Argentina

Armenia

Aruba

Australia

Austria

Azerbaijan

Bahamas

Bahrain

Bangladesh

Barbados

Belarus

Belgium

Belize

Benin

Bermuda

Bhutan

Bolivia

Bosnia & Herzegovina

Botswana

Brazil

British Virgin Islands

Brunei Darussalam

Bulgaria

Burkina Faso

Burundi

Cambodia

Cameroon

Canada

Cape Verde

Cayman Islands

Central African Republic

Chad

Chile

China

Chinese Taipei

Colombia

Comoros

Congo

Cook Islands

Costa Rica

Croatia

Cuba

Cyprus

Czechia

Denmark

Djibouti

Dominica

Dominican Republic

DPR Korea

DR Congo

Ecuador

Egypt

El Salvador

Equatorial Guinea

Eritrea

Estonia

Eswatini

Ethiopia

Faeroe Islands

Falkland Islands

Fiji

Finland

France

French Guiana

French Polynesia

Gabon

Gambia

Georgia

Germany

Ghana

Greece

Greenland

Grenada

Guadeloupe

Guam

Guatemala

Guinea

Guinea-Bissau

Guyana

Haiti

Honduras

Hong Kong

Hungary

Iceland

India

Indonesia

Iran

Iraq

Ireland

Israel

Italy

Ivory Coast

Jamaica

Japan

Jordan

Kazakhstan

Kenya

Kiribati

Kuwait

Kyrgyzstan

Lao

Latvia

Lebanon

Lesotho

Liberia

Libya

Liechtenstein

Lithuania

Luxembourg

Macao

Macedonia

Madagascar

Malawi

Malaysia

Maldives

Mali

Malta

Marshall Islands

Martinique

Mauritania

Mauritius

Mayotte

Mexico

Micronesia

Monaco

Mongolia

Montenegro

Montserrat

Morocco

Mozambique

Myanmar

Namibia

Nauru

Nepal

Netherlands

Netherlands Antilles

New Caledonia

New Zealand

Nicaragua

Niger

Nigeria

Niue

Norfolk Island

Northern Mariana Islands

Norway

Oman

Pakistan

Palau

Panama

Papua New Guinea

Paraguay

Peru

Philippines

Pitcairn

Poland

Portugal

Puerto Rico

Qatar

Republic of Korea

Republic of Kosovo

Republic of Moldova

Republic of the Sudan

Réunion

Romania

Russia

Rwanda

Saint Helena

Saint Kitts & Nevis

Saint Lucia

Saint Pierre & Miquelon

Saint Vincent & the Grenadines

Saint-Barthélemy

Saint-Martin

Samoa

San Marino

Sao Tome & Principe

Saudi Arabia

Senegal

Serbia

Seychelles

Sierra Leone

Singapore

Slovakia

Slovenia

Solomon Islands

Somalia

South Africa

South Sudan

Spain

Sri Lanka

State of Palestine

Suriname

Svalbard & Jan Mayen Islands

Sweden

Switzerland

Syria

Tajikistan

Tanzania

Thailand

Timor-Leste

Togo

Tokelau

Tonga

Trinidad & Tobago

Tunisia

Turkiye

Turkmenistan

Turks & Caicos Islands

Tuvalu

Uganda

Ukraine

United Arab Emirates

United Kingdom

United States of America

Uruguay

US Virgin Islands

Uzbekistan

Vanuatu

Vatican

Venezuela

Vietnam

Wallis & Futuna Islands

Western Sahara

Yemen

Zambia

Zimbabwe

SACU

MERCOSUR

Latin American Integration Association

Sub-Saharan Africa

East Asia Pacific

Europe and Central Asia

Latin America and the Caribbean

Middle East and North Africa

South Asia

LDCs

G20

Eurasian Economic Union (EEU)

The East African Community (EAC)

North America

Cotton-4

African Union

EBRD

EBRD operating countries

SIECA

ASEAN

European Union

APEC

OECD members

WTO members

ASEAN+3

CPTPP

AfCFTA

BRICS

GCC

Council of Europe

Ibero-American Network of Data Protection (RIPD)

Ibero-American General Secretariat (SEGIB)

UN members

Global Privacy Assembly Members

Forum of Small States Members

BRICS+

Policy Area

Select All

International trade

Competition

Content moderation

Data governance

Subsidies and industrial policy

Instrument unspecified

Other operating conditions

Public procurement

Authorisation, registration and licensing

Taxation

Foreign direct investment

Labour law

Intellectual property

Consumer protection

Design and testing standards

Regulatory Compliance and Transparency

Thread

Select All

Russia & Ukraine: Content regulation and free speech

Russia & Ukraine: Cryptocurrencies and sanction enforcement

Russia & Ukraine: Cybersecurity risk and data transfers

USTR 2022 report content

Competition enforcement in the digital economy

State of trade barriers and internet fragmentation

Protection of user speech rights

US-China tensions under the Holding Foreign Companies Accountable Act

Regulating Artificial Intelligence

The promotion of local online content

China’s new data regime

Enforcing the General Data Protection Regulation

Online content moderation requirements

Empowering enforcement agencies

Upcoming data governance policy developments

Consumer protection in the digital economy

The remuneration of online content

Digital payment policy

Cybersecurity frameworks

E-commerce policy

Employment rules for the digital economy

Regulating digital infrastructure

The non-binding side of digital policy

Registering and licensing the digital economy

The regulation of digital advertisement

Governing cookies

Governing cross-border data transfers

The TikTok crackdown

Data localisation requirements in the digital economy

The OECD/G20 Inclusive Framework on Base Erosion and Profit Shifting

Digital Services Taxes

Privacy and Artificial Intelligence

International collaboration on AI governance

Enforcement of the Digital Services Act (DSA)

The Digital Services Act legal framework

The Digital Markets Act legal framework

Enforcement of the Digital Markets Act (DMA)

Highlights in Digital Policy

Online age verification rules

Investigations and restrictions against DeepSeek

Laws and frameworks on government access to data

Policy or Regulatory Instrument

Select All

Import licensing requirement

Import quota

Import tariff

Import tariff quota

Internal taxation of imports

Import ban

Export licensing requirement

Export quota

Export tariff

Export tariff quota

Export subsidy

Export ban

Border measure, nes

Merger control regulation

Unilateral conduct regulation

Anti-competitive agreements regulation

Competition authority governance

Competition, nes

User speech right

Patent protection regulation

Content moderation regulation

Content remuneration regulation

Investment in local content obligation

Local content requirement

Content moderation, nes

Cybersecurity regulation

Data protection regulation

Data localisation requirement

Data governance, nes

Cross-border data transfer regulation

MNE: Entry and ownership rule

MNE: Financial incentive

MNE: Treatment and operations, nes

Financial grant

In-kind grant

Loan guarantee

Production subsidy

State loan

Tax or social insurance relief

State Aid, nes

Instrument unspecified

Infrastructure compensation regulation

Other operating condition, nes

Local operations requirement

Quality of Service requirement

Mandatory software installation requirement

Interoperability requirement

Public procurement blacklisting

Public procurement regulation, nes

Public procurement access

Public procurement localisation

Public procurement preference margin

Operational license requirement

Authorisation of goods or services

Business registration requirement

Prohibition of goods and services

Authorisation, registration and licensing, nes

Direct taxes including Digital Service Taxes

Indirect taxes

Customs duties on electronic transmissions

Taxation, nes

Capital injection and equity stakes (including bailouts)

State aid control

Data protection authority governance

Worker classification or protection regulation

Technology transfer requirement

Content moderation authority governance

Consumer protection, nes

Intellectual property, nes

Worker monitoring regulation

Artificial Intelligence authority governance

Age verification requirement

Organisational requirement

Testing requirement

Performance monitoring requirement

Fair marketing and advertising practice requirement

User/subject right

User identification requirement

Complaint or feedback mechanism requirement

Compliance mechanism regulation

Design requirement

Documentation requirement

Legal due diligence requirement

Notification requirement

Public disclosure requirement

Regulatory cooperation requirement

Risk management requirement

Consumer protection authority governance

Public procurement, nes

Design and testing standards, nes

Labour law, nes

Non-discrimination requirement

Government access to data

Current Status

Select All

under deliberation

under investigation

under litigation

adopted

in force

rejected

revoked

concluded

in consultation

processing consultation

in grace period

under appeal

to be revoked

Economic Activity

Select All

cross-cutting

infrastructure provider: internet and telecom services

online advertising provider

digital payment provider (incl. cryptocurrencies)

platform intermediary: user-generated content

streaming service provider

platform intermediary: e-commerce

ML and AI development

other service provider

unspecified

technological consumer goods

semiconductors

software provider: app stores

DLT development

search service provider

software provider: other software

messaging service provider

platform intermediary: other

infrastructure provider: cloud computing, storage and databases

infrastructure provider: network hardware and equipment

infrastructure provider: other

Government Branch

Select All

legislature

executive

judiciary

Government Body

Select All

parliament

other regulatory body

data protection authority

competition authority

consumer protection authority

central government

central bank

court

supreme court

tax authority

Event Type

Select All

order

outline

inquiry

decision

law

treaty

public lawsuit

investigation

declaration

civil lawsuit

Implementation level

Select All

national

supranational

subnational

bi- or plurilateral agreement

multilateral agreement

other

Event period

266 events advancing 233 policy or regulatory changes:

CSV Excel

in force

Public procurement access in Law on Promoting Private Economy

Latest event Date: 2025-05-20 law implementation

Law on Promoting Private Economy including public procurement access enters into force

On 20 May 2025, the Law on Promoting Private Economy enters into force. The Law stipulates that public procurement and other public resource transactions must be conducted in an open and transparent manner, and that all economic organisations, inclu…

Implementer

China

Policy area Public procurement

Policy or regulatory element Public procurement access

Economic activity cross-cutting

processing consultation

National Commission on Informatics and Liberty recommendation on use of location data from connected vehicles

Latest event Date: 2025-05-20 outline consultation closed

National Commission on Informatics and Liberty closes consultation on draft recommendation on use of location data from connected vehicles

On 20 May 2025, the National Commission on Informatics and Liberty (CNIL) closes its consultation on a draft recommendation focused on location data usage by connected vehicles in the technological consumer goods sector. The draft offers practical g…

Implementer

France

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity technological consumer goods, software provider: other software, infrastructure provider: cloud computing, storage and databases

adopted

Australian Cyber Security Centre guidance on geo-blocking

Latest event Date: 2025-05-19 outline adoption

Australian Cyber Security Centre released guidance on geo-blocking

On 19 May 2025, the Australian Cyber Security Centre (ACSC) released guidance on geographical-based Internet Protocol blocking (geo-blocking). The guidance aims to provide an overview of geo-blocking and emphasises its limitations, highlighting the …

Implementer

Australia

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity cross-cutting

processing consultation

National Cybersecurity Standardization Technical Committee cybersecurity incident management standard: principles and processes

Latest event Date: 2025-05-19 order consultation closed

National Cybersecurity Standardisation Technical Committee closes consultation on cybersecurity incident management standard: principles and processes

On 19 May 2025, the National Cybersecurity Standardisation Technical Committee (TC260) closes its consultation on the draft on cybersecurity incident management standard: principles and processes. This standard, which replaces GB/T 20985.1-2017, pro…

Implementer

China

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity other service provider

processing consultation

National Cybersecurity Standardisation Technical Committee standard on requirements for audit and certification bodies for cybersecurity technology information security management system

Latest event Date: 2025-05-19 order consultation closed

National Cybersecurity Standardisation Technical Committee closes consultation on requirements for audit and certification bodies for cybersecurity technology information security management system

On 19 May 2025, China's National Cybersecurity Standardisation Technical Committee (TC 260) closes its consultation on the standard on requirements for audit and certification bodies for cybersecurity technology information security management syste…

Implementer

China

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity infrastructure provider: other

processing consultation

National Cybersecurity Standardisation Technical Committee standard on cybersecurity incident management: guidelines for incident response planning and preparation

Latest event Date: 2025-05-19 outline consultation closed

National Cybersecurity Standardisation Technical Committee closes consultation on cybersecurity incident management standard: guidelines for incident response planning and preparation

On 19 May 2025, the National Cybersecurity Standardisation Technical Committee (TC260) closes a public consultation on cybersecurity incident management standard: Guidelines for incident response planning and preparation. The guidelines apply to org…

Implementer

China

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity other service provider

processing consultation

Personal Data Protection Department automated decision-making and profiling guideline

Latest event Date: 2025-05-19 outline consultation closed

Personal Data Protection Department closes consultation on automated decision-making and profiling guideline

On 19 May 2025, the Data Protection Authority closes its consultation on the automated decision-making and profiling guidelines under Malaysia’s Personal Data Protection Act 2010 (Act 709). The guidelines aim to provide clarity on the use of artific…

Implementer

Malaysia

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

processing consultation

Personal Data Protection Department data protection by design guideline

Latest event Date: 2025-05-19 outline consultation closed

Personal Data Protection Department closes consultation on data protection by design guideline

On 19 May 2025, the Personal Data Protection Department closes its consultation on data protection by design guidelines to support compliance with Malaysia’s Personal Data Protection Act (Act 709). The guidelines promote a shift from reactive to pro…

Implementer

Malaysia

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

processing consultation

Personal Data Protection Department data protection impact assessment guideline

Latest event Date: 2025-05-19 outline consultation closed

Personal Data Protection Department closes consultation on data protection impact assessment guideline

On 19 May 2025, Malaysia's Personal Data Protection Department closes its consultation on the data protection impact assessment (DPIA) guidelines under Malaysia’s Personal Data Protection Act 2010 (Act 709). The guideline outlines minimum requiremen…

Implementer

Malaysia

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

in force

Data protection investigation into Luka/Replika

Latest event Date: 2025-05-19 investigation ruling

Data Protection Authority fined Replika chatbot provider Luka EUR 5 million for GDPR violations related to legal basis for data processing and age verification

On 19 May 2025, the Italian Data Protection Authority (DPA) announced that it had fined Luka, the provider of the artificial intelligence chatbot Replika, EUR 5 million for violating the General Data Protection Regulation (GDPR). The DPA identified …

Implementer

Italy

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity ML and AI development

Page

...