Finland's Office of the Data Protection Ombudsman launched an investigation into the University of Helsinki's data protection safeguards after reviewing data transfers of biometric research data to Chinese biotechnology company BGI Group.
The European Data Protection Board released its report detailing the Support Pool of Experts external experts projects in 2024, including its work to assess AI systems' bias and processing of personal data. The SPE will continue its efforts in 2025, with projects focusing on the right of access, and a bootcamp to examine best practices for mobile app auditing.Full story
Amazon will no longer allow Echo users to opt out of sharing their voice recordings, USA Today reports. The company will now launch a feature that processes recordings in the company's cloud before being deleted.
Google acquired cybersecurity company Wiz for USD32 billion to strengthen Google's cloud computing efforts and provide security to AI companies, The Wall Street Journal reports.
The U.K. Information Commissioner's Office agreed to new commitments under the U.K. government's growth agenda that aim to balance data protection and consumer trust with economic growth and investment. The raft of measures include piloting a data protection sandbox regime, advertising technology regulatory reviews, updated guides for AI and international data transfers, and more. IAPP News Editor Joe Duball reports on the ICO's new measures.Full story
Tech Policy Press Fellow Megan Kirkwood examined how data portability interacts with the EU's data protection and digital market laws. Kirkwood dissected how the EU Digital Markets Act works to improve portability and whether portability can help drive competition in the EU digital ecosystem.Full story
The European Commission opened a public comment period on the Cyber Resilience Act's implementing regulation that runs until 15 April. The regulation would require the Commission to identify the technical description of categories of critical products containing certain digital features.
Norway's data protection authority, Datatilsynet, issued a NOK4 million fine to telecommunications firm Telenor for alleged failure to complete all assessments and fully document the role of its data protection officer.
Bloomberg reports a staffer from the U.S. Department of Government Efficiency violated Treasury Department policy by sending an unencrypted spreadsheet containing personal information from the Department of the Treasury to the General Services Administration, according to new documents in an ongoing lawsuit.
The Cybersecurity Administration of China was joined by the Ministry of Industry and Information Technology, the Ministry of Public Security and the State Administration of Radio and Television in issuing the "Measures for the Identification of Synthetic Content Generated by Artificial Intelligence." The measures aim to standardize the identification of synthetic content and protect the legitimate rights of citizens.Full story