Activity Tracker
The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.
699 events advancing 348 policy or regulatory changes:
Graph
Table
Information Commissioner's Office disclosure of Transfer Risk Assessments for Workday
Information Commissioner's Office disclosed Transfer Risk Assessments for Workday
On 4 April 2025, the Information Commissioner's Office (ICO) disclosed the Transfer Risk Assessment (TRA) for Workday, a US-headquartered provider of enterprise cloud applications for finance and human resources. TRAs evaluate the legal, technical, …
Information Commissioner's Office disclosure of Transfer Risk Assessments for Nasstar Calabrio
Information Commissioner's Office disclosed Transfer Risk Assessments for Nasstar Calabrio
On 4 April 2025, the Information Commissioner's Office (ICO) disclosed the Transfer Risk Assessment (TRA) for Nasstar Calabrio, a UK-based provider of managed cloud services and contact centre solutions incorporating Calabrio software. TRAs evaluate…
Information Commissioner's Office disclosure of Transfer Risk Assessments for Grammarly
Information Commissioner's Office disclosed Transfer Risk Assessments for Grammarly
On 4 April 2025, the Information Commissioner's Office (ICO) disclosed the Transfer Risk Assessment (TRA) for Grammarly, a US-based company that offers digital writing assistance tools powered by artificial intelligence. TRAs evaluate the legal, tec…
Information Commissioner's Office disclosure of Transfer Risk Assessments for Canva
Information Commissioner's Office disclosed Transfer Risk Assessments for Canva
On 4 April 2025, the Information Commissioner's Office (ICO) disclosed the Transfer Risk Assessment (TRA) for Canva, an Australia-based platform that provides graphic design and visual communication tools. TRAs evaluate the legal, technical, and pro…
Cross-border data transfer regulation in Personal Data Protection (Amendment) Act 2024
Personal Data Protection (Amendment) Act 2024 (Act A1727) including cross-border data transfer regulation entered into force
On 1 April 2025, section 129 of the Personal Data Protection (Amendment) Act 2024 (Act A1727) entered into force, removing the previous white-list regime for cross-border data transfers. Under the amended provisions, data controllers may transfer pe…
Cross-border data transfer regulation in Federal Law on Protection of Personal Data Held by Private Parties
Federal Law on the Protection of Personal Data Held by Private Parties including cross-border data transfer regulation enters into force
On 21 March 2025, the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) entered into force. The publication forms part of a legislative package that includes three separate Laws: the General Law on Transparency and Acc…
European Data Protection Supervisor opinion on Digital Trade Agreement between European Union and Singapore
European Data Protection Supervisor adopted opinion on Digital Trade Agreement between European Union and Singapore
On 21 March 2025, the European Data Protection Supervisor (EDPS) issued an opinion on the European Union (EU)-Singapore Digital Trade Agreement, highlighting concerns over changes to the EU’s horizontal provisions on cross-border data flows and pers…
Parliamentary motion on national control of DNS infrastructure of .nl internet domain (No. 26643-1317)
Parliamentary motion on national control of DNS infrastructure of .nl internet domain was adopted by the House of Representatives (No. 26643-1317)
On 18 March 2025, a parliamentary motion on national control of the entire DNS infrastructure of the .nl internet domain was adopted by the Dutch House of Representatives. The motion requests the government to initiate consultations with the Netherl…
Ministry of Culture, Sports, and Tourism procedure for notifying contact information of foreign entities providing cross-border advertising services into Vietnam
Ministry of Culture, Sports and Tourism’s Department of Broadcasting, Television and Electronic Information published procedure for notifying contact information of foreign entities providing cross-border advertising services into Vietnam
On 14 March 2025, the Ministry of Culture, Sports and Tourism’s Department of Broadcasting, Television and Electronic Information implemented a notification procedure for foreign organisations and individuals intending to provide cross-border advert…
European Data Protection Board Co-Operation procedure for approval of Binding Corporate Rules for controllers and processors under GDPR
European Data Protection Board published document outlining the approval procedure for Binding Corporate Rules
On 13 March 2025, the European Data Protection Board (EDPB) published a document outlining the Approval Procedure for Binding Corporate Rules (BCRs). The document provides a cooperation framework for the approval of BCRs under Article 47 GDPR, which…