Activity Tracker

The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.

1168 events advancing 642 policy or regulatory changes:

Most active jurisdictions Number of policy changes
Graph
Table
Most active policy areas Number of policy changes
Targeted economic activity Number of policy changes
Reset filters
1168 events advancing 642 policy or regulatory changes:
under deliberation

EU Data Governance Act

Latest event Date: 2022-05-16 law passage
Council adopts Data Governance Act

On 16 May 2022, the Council passed the Data Governance Act. The Data Governance Act (DGA) aims to improve data sharing trust, establish new EU laws on data marketplace neutrality, and make it easier to reuse some public-sector data. In important fie…

Implementer
EU-27
Policy area Data governance
Policy or regulatory element Data protection regulation
Economic activity cross-cutting
adopted

CNIL Guidelines on "Cookie Walls"

Latest event Date: 2022-05-16 outline adoption
Adopted CNIL Cookie Walls Guidelines

On 16 May 2022, the French personal data protection authority /Commission nationale de l'informatique et des libertés (CNIL)), published guidelines on the legality of "cookie walls". Cookie walls refer to making access to a website's content conditi…

Implementer
France
Policy area Data governance
Policy or regulatory element Data protection regulation
Economic activity cross-cutting
adopted

Guidance on Recommended Model Contractual Clauses for Cross-Border Personal Data Transfers

Latest event Date: 2022-05-12 outline adoption
Issued PCPD Guidance on Recommended Model Contractual Clauses for Cross-Border Personal Data Transfers

On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued its Guidance on Recommended Model Contractual Clauses for Cross-border Transfer of Personal Data. The Guidance contains two sets of Recommended Model Contractual Clau…

Implementer
Hong Kong
Policy area Data governance
Policy or regulatory element Data transfer regulation
Economic activity cross-cutting
adopted

Connecticut: Data Privacy Bill

Latest event Date: 2022-05-10 law signing
Connecticut Privacy Bill (SB 6) signed

On 10 May 2022, the Bill for "An Act concerning personal data privacy and online monitoring" was signed by the Governor of Connecticut and will become effective on 1 July 2023. The comprehensive data protection bill will apply to persons that conduc…

Implementer
United States of America
Policy area Data governance
Policy or regulatory element Data protection regulation
Economic activity cross-cutting
processing consultation

SEC rules on enhancing and standardising cybersecurity risk management

Latest event Date: 2022-05-09 order consultation closed
Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

On 9 May 2022, the Securities and Exchange Commission (SEC) has closed the consultation on its proposed rules on enhancing and standardising cybersecurity risk management. The proposed rules would apply to companies subject to SEC reporting requirem…

Implementer
United States of America
Policy area Data governance
Policy or regulatory element Cybersecurity regulation
Economic activity cross-cutting
in force

New York: Bill on Notification of Electronic Monitoring

Latest event Date: 2022-05-07 law implementation
Implemented New York Bill on Notification of electronic monitoring

On 5 May 2022, Senate Bill S2628 is put into force. The Bill obliges employers to inform all employees about the way they are electronically monitored. This notification must be done before they are hired and after that once every year. The Bill con…

Implementer
United States of America
Policy area Data governance
Policy or regulatory element Data protection regulation
Economic activity other service provider
under deliberation

Data transfer requirements in EU Data Act

Latest event Date: 2022-05-04 law opinion
Issued EDPB-EDPS Joint Opinion on Data Act including data transfer requirement

On 4 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a set of Joint Opinions on the EU Commission's Proposal for a Data Act. The EDPB and EDPS find that additional measures are necessary …

Implementer
EU-27
Policy area Data governance
Policy or regulatory element Data transfer regulation
Economic activity cross-cutting
under deliberation

Data protection measures in EU Data Act

Latest event Date: 2022-05-04 law opinion
Issued EDPB-EDPS Joint Opinion on Data Act including data protection measures

On 4 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a set of Joint Opinions on the EU Commission's Proposal for a Data Act. The EDPB and EDPS find that additional measures are necessary …

Implementer
EU-27
Policy area Data governance
Policy or regulatory element Data protection regulation
Economic activity cross-cutting
in force

Data Protection Authority investigation into IP anonymisation as safeguard for and "risk based approach" to data transfers

Latest event Date: 2022-05-02 investigation ruling
Ruling refuting IP anonymisation as safeguard for and "risk based approach" to data transfers

On 2 May 2022, the Austrian Data Protection Authority issued a ruling refuting IP anonymisation as safeguard for data transfers from the EU to the United States. The authority rejected arguments by Google that websites using its tools, such as Googl…

Implementer
Austria
Policy area Data governance
Policy or regulatory element Data transfer regulation
Economic activity platform provider
processing consultation

EDPB Guidelines on dark patterns in social media platform interfaces

Latest event Date: 2022-05-02 outline consultation closed
Closed consultation on EDPB Guidelines on dark patterns in social media platform interfaces

On 2 May 2022, the European Data Protection Board closed the consultation on its previously published "Guidelines 3/2022 on dark patterns in social media platform interfaces: how to recognize and avoid them". Specifically, "dark patterns" are user i…

Implementer
EU-27
Policy area Data governance
Policy or regulatory element Data protection regulation
Economic activity cross-cutting
Page
1
2
...
65