Activity Tracker
The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.
459 events advancing 135 policy or regulatory changes:
Graph
Table
Office of Communications rules on additional duties for categorised services
Office of Communications released stakeholder responses to consultation on additional duties for categorised services
On 13 October 2025, the Office of Communications of the United Kingdom (Ofcom) released stakeholder responses to the consultation on the third phase of online safety regulation, concerning additional duties under the Online Safety Act 2023 for categ…
Amendment to Protection of Privacy Law (5741-1981)
Privacy Protection Bill entered into force
On 14 August 2025, the Privacy Protection Bill (Amendment No. 13, formerly No. 14) entered into force. The Bill expands the supervisory powers of the Privacy Protection Authority, which will now have the authority to impose financial sanctions for v…
Age verification requirement in Online Safety Bill
Obligation for user-to-user platforms hosting adult content to implement age assurance measures under Office of Communications's Codes of Practice for Age Assurance and Children’s Access enters into force
On 25 July 2025, the obligation for services hosting user-generated pornographic content in the United Kingdom to fully implement "highly effective" age assurance measures under the Online Safety Act enters into force. This follows the publication o…
Content monitoring framework in Online Safety Act
Illegal content duties under Online Safety Act entered into force
On 17 March 2025, the illegal content duties under the Online Safety Act (OSA) entered into force. The Office of Communications (Ofcom) issued illegal content Codes of Practice for user-to-user services that implement the OSA. Providers were requir…
Data governance measures in ePrivacy Regulation
European Commission announced work programme including withdrawal of ePrivacy Regulation containing data governance measures
On 11 February 2025, the European Commission announced a work programme withdrawing the proposal for regulation concerning the respect for private life and the protection of personal data in electronic communications and repealing the Directive 2002…
Service access restriction on AI systems posing "unacceptable risk" in Regulation laying down harmonised rules on artificial intelligence (AI Act)
Implemented AI Act including prohibition of AI systems posing "unacceptable risk"
On 2 February 2025, the prohibition on certain AI systems in the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) is implemented. The Act includes a ban on AI systems posing "unacceptable risk". The ba…
Swiss-US Data Privacy Framework
Implemented Swiss-US Data Privacy Framework for cross-border data transfers
On 15 September 2024, the Swiss Federal Council's decision that the Swiss-US Data Privacy Framework (DPF) is adequate for transferring personal data from Switzerland to the US entered into effect. This decision allows organisations to transfer perso…
EU Commission Standard Contractual Clauses for transfer of data to third country controllers and processors subject to the GDPR
Announced EU Commission Standard Contractual Clauses for transfer of data to third country controllers and processors subject to the GDPR
On 12 September 2024, the European Commission announced new Standard Contractual Clauses (SCCs) to govern the transfer of personal data to controllers and processors in third countries, specifically when those data importers are directly subject to …
SAMR Interim Provisions on Internet Anti-Unfair Competition
Implemented SAMR Interim Provisions on Internet Anti-Unfair Competition
On 1 September 2024, China's State Administration for Market Regulation (SAMR)’s Interim Provisions on Internet Anti-Unfair Competition enter into force. The regulation includes a ban on the usage of algorithms and data to influence users. That incl…
Monitoring requirements in Regulation laying down harmonised rules on artificial intelligence (AI Act)
Entry into force with grace period of AI Act including monitoring requirements for "high-risk AI systems"
On 1 August 2024, the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) enters into force, 20 days following its publication in the Official Journal, with a grace period on its implementation. The Act i…