The U.S. Cybersecurity and Infrastructure Security Agency will continue its offensive operations against foreign threats, including Russia, after allegations U.S. Cyber Command was ordered to halt its efforts against Russia, Industrial Cyber reports. CISA said there "has been no change in our posture. Any reporting to the contrary is fake and undermines our national security."
Full story
Author: IAPP IAPP News
As states weigh passing children's online safety legislation, another battle is building among Big Tech firms over potential age verification obligations, The Wall Street Journal reports. Apple, Google and Meta are among the potential covered entities arguing whether verification obligations should fall on individual apps and platforms or extend to the app stores facilitating on-device access.
Full story
The U.S. National Institute for Standards and Technology finalized guidelines for evaluating differential privacy guarantees. The guidance focuses on better understanding differential privacy application and common pitfalls stemming from the mathematical framework when differential privacy is used in practice.
Full story
A coalition of civil society organizations sent a letter to U.S. Director of National Intelligence Tulsi Gabbard highlighting concerns about the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act. The organizations urged Gabbard to work with them to provide information on what data is collected and stored about U.S. citizens under Section 702 of FISA to improve transparency.
Full story
TechCrunch reports the U.K. National Cyber Security Centre is no longer recommending certain people use encryption to protect their information after the government recently requested Apple to create a backdoor to access all encrypted data. The former page redirects to a site advising customers to use Apple's Lockdown Mode.
Full story
South Korea's Personal Information Protection Commission opened in investigation into the data collection and processing of smart vehicles manufactured by Hyundai, Kia, Tesla, Mercedes Benz, BMW and BYD. The investigation coincides with BYD launching its line of electric vehicles in South Korea, which prompted the PIPC to seek information regarding the company's data collection practices. The PIPC has been conducting on-site inspections of the smart car sector since 2024.
Full story
Serbia's Commissioner for Information of Public Importance and Personal Data Protection released its action plan detailing the authorities' effort to implement its Personal Data Protection Strategy by 2030. The plan is to promote efficient data protection standards and "spur the necessary regulatory changes in this direction, as well as the implementation of activities and measures prescribed by the Strategy that will greatly contribute to the implementation of this important human right."
Full story
Companies' attempts to monetize sensitive geolocation data are on the rise and U.S. federal and state regulators are taking notice. IAPP Staff Writer Lexie White recaps a recent webinar exploring enforcement trends around location data and a window into the compliance landscape.
Full story
The Office of the Information and Privacy Commissioner of Alberta said many of its recommended changes to the Personal Information Protection Act made it into a committee's final review of the law. The agency indicated special protection should be given to children's personal information and it should be allowed to impose monetary fines to ensure compliance with the law.
Full story
Ireland's Data Protection Commission advised organizations on data subject access request obligations under Article 15(1) of the EU General Data Protection Regulation. The DPC outlined justifications for consumers to request and obtain access under the law while explaining covered entities can raise restrictions to those rights only when "justified on an evidential basis, reference to the specific context of the case concerned."
Full story