DataGuidance
@dataguidance.bsky.social
We share daily regulatory updates on AI, privacy, and cybersecurity from OneTrust DataGuidance, backed by 20+ years of expertise.
Thailand: ETDA launches consultation on draft guidelines on AI data protection, promoting responsible, privacy-by-design practices while ensuring compliance with Thailand's PDPA.
Learn more: https://bit.ly/4aqODKM
Learn more: https://bit.ly/4aqODKM
February 13, 2026 at 7:12 PM
Thailand: ETDA launches consultation on draft guidelines on AI data protection, promoting responsible, privacy-by-design practices while ensuring compliance with Thailand's PDPA.
Learn more: https://bit.ly/4aqODKM
Learn more: https://bit.ly/4aqODKM
Czechia: UOOU launches consultation on camera systems in healthcare.
The guidance stresses minimizing intrusion, restricting access, and conducting impact assessments before using AI or biometric systems.
Explore more: https://bit.ly/4kAPqxd
The guidance stresses minimizing intrusion, restricting access, and conducting impact assessments before using AI or biometric systems.
Explore more: https://bit.ly/4kAPqxd
February 13, 2026 at 6:08 PM
Czechia: UOOU launches consultation on camera systems in healthcare.
The guidance stresses minimizing intrusion, restricting access, and conducting impact assessments before using AI or biometric systems.
Explore more: https://bit.ly/4kAPqxd
The guidance stresses minimizing intrusion, restricting access, and conducting impact assessments before using AI or biometric systems.
Explore more: https://bit.ly/4kAPqxd
Kentucky: Bill on Kentucky Kids Code introduced in House of Representatives.
The bill introduces stricter default settings, data minimization, and protections against profiling and targeted advertising.
Check it out: https://bit.ly/4rnIaYq
The bill introduces stricter default settings, data minimization, and protections against profiling and targeted advertising.
Check it out: https://bit.ly/4rnIaYq
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
February 13, 2026 at 5:04 PM
Kentucky: Bill on Kentucky Kids Code introduced in House of Representatives.
The bill introduces stricter default settings, data minimization, and protections against profiling and targeted advertising.
Check it out: https://bit.ly/4rnIaYq
The bill introduces stricter default settings, data minimization, and protections against profiling and targeted advertising.
Check it out: https://bit.ly/4rnIaYq
UK: ICO publishes guidance on how organizations should handle data protection complaints.
The UK ICO issued guidance to help organizations prepare for new data protection complaint-handling requirements under the Data (Use and Access) Act.
Read now: https://bit.ly/4aiVHKA
The UK ICO issued guidance to help organizations prepare for new data protection complaint-handling requirements under the Data (Use and Access) Act.
Read now: https://bit.ly/4aiVHKA
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
February 13, 2026 at 4:00 PM
UK: ICO publishes guidance on how organizations should handle data protection complaints.
The UK ICO issued guidance to help organizations prepare for new data protection complaint-handling requirements under the Data (Use and Access) Act.
Read now: https://bit.ly/4aiVHKA
The UK ICO issued guidance to help organizations prepare for new data protection complaint-handling requirements under the Data (Use and Access) Act.
Read now: https://bit.ly/4aiVHKA
Germany: BfDI presents report of consultation on personal data in LLMs.
The report by Germany's BfDI finds that LLMs raise unresolved #GDPR issues around anonymity, memorized personal data, and data subject rights.
Learn more: https://bit.ly/3OeRLC3
The report by Germany's BfDI finds that LLMs raise unresolved #GDPR issues around anonymity, memorized personal data, and data subject rights.
Learn more: https://bit.ly/3OeRLC3
February 12, 2026 at 8:16 PM
Germany: BfDI presents report of consultation on personal data in LLMs.
The report by Germany's BfDI finds that LLMs raise unresolved #GDPR issues around anonymity, memorized personal data, and data subject rights.
Learn more: https://bit.ly/3OeRLC3
The report by Germany's BfDI finds that LLMs raise unresolved #GDPR issues around anonymity, memorized personal data, and data subject rights.
Learn more: https://bit.ly/3OeRLC3
EU: EDPB and EDPS publish joint opinion on Digital Omnibus Regulation Proposal.
The EDPB and EDPS warned that proposed #GDPR changes could risk individuals' rights while backing some AI and ePrivacy updates.
Read more: https://bit.ly/4avQn5B
The EDPB and EDPS warned that proposed #GDPR changes could risk individuals' rights while backing some AI and ePrivacy updates.
Read more: https://bit.ly/4avQn5B
February 12, 2026 at 7:12 PM
EU: EDPB and EDPS publish joint opinion on Digital Omnibus Regulation Proposal.
The EDPB and EDPS warned that proposed #GDPR changes could risk individuals' rights while backing some AI and ePrivacy updates.
Read more: https://bit.ly/4avQn5B
The EDPB and EDPS warned that proposed #GDPR changes could risk individuals' rights while backing some AI and ePrivacy updates.
Read more: https://bit.ly/4avQn5B
USA: AGs urge Congress to pass Senate's version of KOSA.
New York's AG highlighted concerns that addictive social media design has harmed young people's mental health.
Check it out: https://bit.ly/4aqaP7F
New York's AG highlighted concerns that addictive social media design has harmed young people's mental health.
Check it out: https://bit.ly/4aqaP7F
February 12, 2026 at 6:08 PM
USA: AGs urge Congress to pass Senate's version of KOSA.
New York's AG highlighted concerns that addictive social media design has harmed young people's mental health.
Check it out: https://bit.ly/4aqaP7F
New York's AG highlighted concerns that addictive social media design has harmed young people's mental health.
Check it out: https://bit.ly/4aqaP7F
International: USA and Argentina sign trade agreement with data transfer adequacy.
The agreement establishes a bilateral framework for digital trade, cross-border data flows, and technology governance.
Check it out: https://bit.ly/3MCTPDl
The agreement establishes a bilateral framework for digital trade, cross-border data flows, and technology governance.
Check it out: https://bit.ly/3MCTPDl
February 12, 2026 at 4:00 PM
International: USA and Argentina sign trade agreement with data transfer adequacy.
The agreement establishes a bilateral framework for digital trade, cross-border data flows, and technology governance.
Check it out: https://bit.ly/3MCTPDl
The agreement establishes a bilateral framework for digital trade, cross-border data flows, and technology governance.
Check it out: https://bit.ly/3MCTPDl
India: MeitY publishes Amendment Rules on unlawful content.
The Amendment Rules introduce obligations for synthetic content, tighten takedown timelines, and require intermediaries to warn users and label AI-generated media.
Explore now: https://bit.ly/4twXtPE
The Amendment Rules introduce obligations for synthetic content, tighten takedown timelines, and require intermediaries to warn users and label AI-generated media.
Explore now: https://bit.ly/4twXtPE
February 11, 2026 at 8:16 PM
India: MeitY publishes Amendment Rules on unlawful content.
The Amendment Rules introduce obligations for synthetic content, tighten takedown timelines, and require intermediaries to warn users and label AI-generated media.
Explore now: https://bit.ly/4twXtPE
The Amendment Rules introduce obligations for synthetic content, tighten takedown timelines, and require intermediaries to warn users and label AI-generated media.
Explore now: https://bit.ly/4twXtPE
International: USA and Bangladesh sign agreement on reciprocal trade and digital commitments under which Bangladesh committed to recognize global privacy transfer mechanisms.
Read now: https://bit.ly/4rMsZHX
Read now: https://bit.ly/4rMsZHX
February 11, 2026 at 7:12 PM
International: USA and Bangladesh sign agreement on reciprocal trade and digital commitments under which Bangladesh committed to recognize global privacy transfer mechanisms.
Read now: https://bit.ly/4rMsZHX
Read now: https://bit.ly/4rMsZHX
EU: CJEU issues decision regarding ability to challenge EDPB decisions.
The CJEU ruled that binding decisions of the EDPB resolving disputes between national DPAs can be challenged in EU courts.
Read now: https://bit.ly/4raDULs
The CJEU ruled that binding decisions of the EDPB resolving disputes between national DPAs can be challenged in EU courts.
Read now: https://bit.ly/4raDULs
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
February 11, 2026 at 6:08 PM
EU: CJEU issues decision regarding ability to challenge EDPB decisions.
The CJEU ruled that binding decisions of the EDPB resolving disputes between national DPAs can be challenged in EU courts.
Read now: https://bit.ly/4raDULs
The CJEU ruled that binding decisions of the EDPB resolving disputes between national DPAs can be challenged in EU courts.
Read now: https://bit.ly/4raDULs
Florida: AG launches CHINA Prevention Unit.
Florida's AG launches the CHINA Prevention Unit to target foreign threats to consumer data and economic security, including audits of medical device companies.
Check it out: https://bit.ly/4araCkO
Florida's AG launches the CHINA Prevention Unit to target foreign threats to consumer data and economic security, including audits of medical device companies.
Check it out: https://bit.ly/4araCkO
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
February 10, 2026 at 8:16 PM
Florida: AG launches CHINA Prevention Unit.
Florida's AG launches the CHINA Prevention Unit to target foreign threats to consumer data and economic security, including audits of medical device companies.
Check it out: https://bit.ly/4araCkO
Florida's AG launches the CHINA Prevention Unit to target foreign threats to consumer data and economic security, including audits of medical device companies.
Check it out: https://bit.ly/4araCkO
Utah: Bill on AI transparency amendments read for the third time in Senate.
The AI Transparency Act proposes new safety, transparency, and whistleblower obligations for large frontier AI developers, with penalties of up to $3 million.
Read more: https://bit.ly/4ktaXYB
The AI Transparency Act proposes new safety, transparency, and whistleblower obligations for large frontier AI developers, with penalties of up to $3 million.
Read more: https://bit.ly/4ktaXYB
February 10, 2026 at 7:12 PM
Utah: Bill on AI transparency amendments read for the third time in Senate.
The AI Transparency Act proposes new safety, transparency, and whistleblower obligations for large frontier AI developers, with penalties of up to $3 million.
Read more: https://bit.ly/4ktaXYB
The AI Transparency Act proposes new safety, transparency, and whistleblower obligations for large frontier AI developers, with penalties of up to $3 million.
Read more: https://bit.ly/4ktaXYB
Connecticut: AG releases CTDPA Enforcement Report 2025.
Connecticut AG's 2025 CTDPA report highlights enforcement actions, data breach reviews, and new protections for minors and AI‑related data practices.
Read now: https://bit.ly/4r3aUFr
Connecticut AG's 2025 CTDPA report highlights enforcement actions, data breach reviews, and new protections for minors and AI‑related data practices.
Read now: https://bit.ly/4r3aUFr
February 10, 2026 at 6:08 PM
Connecticut: AG releases CTDPA Enforcement Report 2025.
Connecticut AG's 2025 CTDPA report highlights enforcement actions, data breach reviews, and new protections for minors and AI‑related data practices.
Read now: https://bit.ly/4r3aUFr
Connecticut AG's 2025 CTDPA report highlights enforcement actions, data breach reviews, and new protections for minors and AI‑related data practices.
Read now: https://bit.ly/4r3aUFr
Poland: UODO fines Poczta Polska PLN 978,000 for lack of independent DPO oversight.
Poland's UODO fines Poczta Polska for GDPR breaches, citing a conflict of interest that undermined the independence of its DPO.
Check it out: https://bit.ly/4cjzEVr
Poland's UODO fines Poczta Polska for GDPR breaches, citing a conflict of interest that undermined the independence of its DPO.
Check it out: https://bit.ly/4cjzEVr
February 10, 2026 at 5:04 PM
Poland: UODO fines Poczta Polska PLN 978,000 for lack of independent DPO oversight.
Poland's UODO fines Poczta Polska for GDPR breaches, citing a conflict of interest that undermined the independence of its DPO.
Check it out: https://bit.ly/4cjzEVr
Poland's UODO fines Poczta Polska for GDPR breaches, citing a conflict of interest that undermined the independence of its DPO.
Check it out: https://bit.ly/4cjzEVr
South Carolina: Bill for Social Media Regulation Act signed by Governor.
South Carolina's Social Media Regulation Act takes effect, imposing new protections for minors and giving the AG enforcement powers, including potential triple damages for violations.
Read on: https://bit.ly/4aFUeOA
South Carolina's Social Media Regulation Act takes effect, imposing new protections for minors and giving the AG enforcement powers, including potential triple damages for violations.
Read on: https://bit.ly/4aFUeOA
February 10, 2026 at 4:00 PM
South Carolina: Bill for Social Media Regulation Act signed by Governor.
South Carolina's Social Media Regulation Act takes effect, imposing new protections for minors and giving the AG enforcement powers, including potential triple damages for violations.
Read on: https://bit.ly/4aFUeOA
South Carolina's Social Media Regulation Act takes effect, imposing new protections for minors and giving the AG enforcement powers, including potential triple damages for violations.
Read on: https://bit.ly/4aFUeOA
Isle of Man: Commissioner publishes 2025/26 Q3 personal data breach report.
The ICO's Q3 2025/26 report records 39 personal data breaches affecting 12,000 people, with high-risk incidents down slightly and faster reporting across public and private sectors.
Learn more: https://bit.ly/4rEeWnA
The ICO's Q3 2025/26 report records 39 personal data breaches affecting 12,000 people, with high-risk incidents down slightly and faster reporting across public and private sectors.
Learn more: https://bit.ly/4rEeWnA
February 9, 2026 at 8:16 PM
Isle of Man: Commissioner publishes 2025/26 Q3 personal data breach report.
The ICO's Q3 2025/26 report records 39 personal data breaches affecting 12,000 people, with high-risk incidents down slightly and faster reporting across public and private sectors.
Learn more: https://bit.ly/4rEeWnA
The ICO's Q3 2025/26 report records 39 personal data breaches affecting 12,000 people, with high-risk incidents down slightly and faster reporting across public and private sectors.
Learn more: https://bit.ly/4rEeWnA
Netherlands: AP fines 10 municipalities total of €250,000 for processing sensitive information without consent.
The AP found that the municipalities violated the GDPR for not having a valid legal basis for processing.
Learn more: https://bit.ly/4rCtmVn
The AP found that the municipalities violated the GDPR for not having a valid legal basis for processing.
Learn more: https://bit.ly/4rCtmVn
February 9, 2026 at 7:12 PM
Netherlands: AP fines 10 municipalities total of €250,000 for processing sensitive information without consent.
The AP found that the municipalities violated the GDPR for not having a valid legal basis for processing.
Learn more: https://bit.ly/4rCtmVn
The AP found that the municipalities violated the GDPR for not having a valid legal basis for processing.
Learn more: https://bit.ly/4rCtmVn
UK: ICO publishes regulatory approach following commencement of Data (Use and Access) Act.
The ICO outlined how it will regulate as the DUAA comes into effect in phases, confirming continued enforcement of existing data laws and expanded ICO powers.
Check it out: https://bit.ly/3ZTiQ05
The ICO outlined how it will regulate as the DUAA comes into effect in phases, confirming continued enforcement of existing data laws and expanded ICO powers.
Check it out: https://bit.ly/3ZTiQ05
February 9, 2026 at 6:08 PM
UK: ICO publishes regulatory approach following commencement of Data (Use and Access) Act.
The ICO outlined how it will regulate as the DUAA comes into effect in phases, confirming continued enforcement of existing data laws and expanded ICO powers.
Check it out: https://bit.ly/3ZTiQ05
The ICO outlined how it will regulate as the DUAA comes into effect in phases, confirming continued enforcement of existing data laws and expanded ICO powers.
Check it out: https://bit.ly/3ZTiQ05
EU: Commission finds TikTok's addictive feed in breach of DSA.
The European Commission preliminarily finds TikTok in breach of the DSA for features linked to compulsive use, with TikTok able to respond before the next review.
Read now: https://bit.ly/4kw54u2
The European Commission preliminarily finds TikTok in breach of the DSA for features linked to compulsive use, with TikTok able to respond before the next review.
Read now: https://bit.ly/4kw54u2
February 9, 2026 at 5:04 PM
EU: Commission finds TikTok's addictive feed in breach of DSA.
The European Commission preliminarily finds TikTok in breach of the DSA for features linked to compulsive use, with TikTok able to respond before the next review.
Read now: https://bit.ly/4kw54u2
The European Commission preliminarily finds TikTok in breach of the DSA for features linked to compulsive use, with TikTok able to respond before the next review.
Read now: https://bit.ly/4kw54u2
Egypt: PDPC publishes PDPL implementation guidelines and official templates.
The PDPC guidance covers topics including data subject consent, lawful bases of processing, DPOs, and data protection principles.
Read on: https://bit.ly/4th7uRb
The PDPC guidance covers topics including data subject consent, lawful bases of processing, DPOs, and data protection principles.
Read on: https://bit.ly/4th7uRb
February 9, 2026 at 4:00 PM
Egypt: PDPC publishes PDPL implementation guidelines and official templates.
The PDPC guidance covers topics including data subject consent, lawful bases of processing, DPOs, and data protection principles.
Read on: https://bit.ly/4th7uRb
The PDPC guidance covers topics including data subject consent, lawful bases of processing, DPOs, and data protection principles.
Read on: https://bit.ly/4th7uRb
Ecuador: SPDP issues resolution on large-scale processing.
The resolution establishes a regulatory framework for large-scale processing of personal data in Ecuador, introducing mandatory scoring and compliance measures.
Learn more: https://bit.ly/4aiPLzU
The resolution establishes a regulatory framework for large-scale processing of personal data in Ecuador, introducing mandatory scoring and compliance measures.
Learn more: https://bit.ly/4aiPLzU
February 6, 2026 at 8:16 PM
Ecuador: SPDP issues resolution on large-scale processing.
The resolution establishes a regulatory framework for large-scale processing of personal data in Ecuador, introducing mandatory scoring and compliance measures.
Learn more: https://bit.ly/4aiPLzU
The resolution establishes a regulatory framework for large-scale processing of personal data in Ecuador, introducing mandatory scoring and compliance measures.
Learn more: https://bit.ly/4aiPLzU
UK: ICO publishes guidance on how it handles data protection complaints.
The guidance details how the ICO assesses, triages, and investigates complaints under the UK data protection framework.
Learn more: https://bit.ly/4ahBLXk
The guidance details how the ICO assesses, triages, and investigates complaints under the UK data protection framework.
Learn more: https://bit.ly/4ahBLXk
February 6, 2026 at 7:12 PM
UK: ICO publishes guidance on how it handles data protection complaints.
The guidance details how the ICO assesses, triages, and investigates complaints under the UK data protection framework.
Learn more: https://bit.ly/4ahBLXk
The guidance details how the ICO assesses, triages, and investigates complaints under the UK data protection framework.
Learn more: https://bit.ly/4ahBLXk
New York: Bill amending RAISE act passes Senate.
The bill amends the RAISE act by imposing new transparency and safety requirements for AI developers and expanding on obligations for incident reporting.
Read on: https://bit.ly/46kDf1I
The bill amends the RAISE act by imposing new transparency and safety requirements for AI developers and expanding on obligations for incident reporting.
Read on: https://bit.ly/46kDf1I
February 6, 2026 at 6:08 PM
New York: Bill amending RAISE act passes Senate.
The bill amends the RAISE act by imposing new transparency and safety requirements for AI developers and expanding on obligations for incident reporting.
Read on: https://bit.ly/46kDf1I
The bill amends the RAISE act by imposing new transparency and safety requirements for AI developers and expanding on obligations for incident reporting.
Read on: https://bit.ly/46kDf1I
Turkey: KVKK announces Vodafone Net data breach.
While the investigation is ongoing, the KVKK stated that personal data such as contact and transaction data could be affected, but emphasized that no special categories of personal data were involved.
Check it out: https://bit.ly/3ZfHbgr
While the investigation is ongoing, the KVKK stated that personal data such as contact and transaction data could be affected, but emphasized that no special categories of personal data were involved.
Check it out: https://bit.ly/3ZfHbgr
February 6, 2026 at 5:04 PM
Turkey: KVKK announces Vodafone Net data breach.
While the investigation is ongoing, the KVKK stated that personal data such as contact and transaction data could be affected, but emphasized that no special categories of personal data were involved.
Check it out: https://bit.ly/3ZfHbgr
While the investigation is ongoing, the KVKK stated that personal data such as contact and transaction data could be affected, but emphasized that no special categories of personal data were involved.
Check it out: https://bit.ly/3ZfHbgr