The U.K. Data Use and Access Bill passed its second reading in the House of Commons 12 Feb. The legislation has since been sent to a House of Commons Public Bill Committee, which will conduct a line-by-line review before preparing a report for the full body prior to 18 March. Editor's note: IAPP Staff Writer Alex LaCasse reported on the introduction of the DUA Bill last year.
Full story
Author: IAPP IAPP News
Google Chrome began allowing advertisers to deploy digital fingerprinting 16 Feb., Forbes reports. The practice involves collecting information from a device's software or hardware, and when combined, can identify a particular device and user, which U.K. Information Commissioner's Office Director of Regulatory Risk Stephen Almond previously said is "not a fair means of tracking users online."
Full story
MediaPost reports on the reintroduction of a California bill to require browsers to offer a universal opt-out option for online behavioral advertising. The bill, which has the support of the California Privacy Protection Agency, passed the California State Legislature last year before a veto by the governor, who did not want to impose UOOM requirements on operating systems.
Full story
The U.S. Internal Revenue Service is working to provide the Elon Musk-led Department of Government Efficiency with sensitive taxpayer data, The New York Times reports. DOGE software engineer Gavin Kliger reportedly worked at IRS headquarters 13 Feb. and will receive broad access to agency systems as a senior advisor to the acting agency commissioner. IRS systems include details on individuals' tax returns, Social Security numbers, addresses, banking details and employment information. Editor's note: IAPP Editorial Director Jedidiah Bracy reported on the privacy implications of the DOGE's access to U.S. government systems.
Full story
The Netherlands' data protection authority, the Autoriteit Persoonsgegevens, conducted a study of several companion and therapeutic AI apps to understand their associated risks. The report found the apps are often not transparent about being AI, do not give useful responses in crises and include addictive elements to keep people using.
Full story
Brazil's data protection authority, the Autoridade Nacional de Proteção de Dados, published its report detailing the authority's regulatory actions in the second half of 2024. The ANPD worked on several initiatives, including projects to improve children's privacy online, personal data protection and incident reporting.
Full story
Sweden's data protection authority, Integritetsskyddsmyndigheten, published a guide on impact assessments when processing personal data. The IMY indicated the guide aims to "facilitate the work of impact assessments and reduce uncertainty about how the various steps are carried out and how the regulations should be understood."
Full story
Former U.S. Privacy and Civil Liberties Oversight Board Commissioners hired law firm Arnold & Porter after they were terminated from their positions, Bloomberg Law reports. Former PCLOB Democrats Ed Felten and Travis LeBlanc were removed by the Trump administration in January. Editor's note: IAPP Staff Writer Alex LaCasse reported on the Trump administration's PCLOB terminations.
Full story
Nigeria's Data Protection Commission and the Communications Commission launched the Data Protection in Telecommunications Working Group. The group will aim to improve data protection by developing initiatives to protect citizens' personal data when using digital devices and "ensure the actual practice of data protection and privacy in the telecommunications sector."
Full story
Infosecurity Magazine reports Memorial Hospital and Manor in Bainbridge, Georgia, disclosed 120,000 people were affected by a November 2024 data breach. The stolen information included birthdates, Social Security numbers and medical records; the hospital said it has yet to see evidence the data was misused.
Full story