France's data protection authority, the Commission nationale de l'informatique et des libertés, imposed a 800,000 euro fine on Cegedim Santé for allegedly transferring health data without authorization to clients who use it to conduct health care studies. The investigation found the data was only pseudonymous, not anonymized.Full story
The U.K. Information Commissioner's Office signed a memorandum of understanding with the National Crime Agency to work together on cybersecurity. The work is meant to help institutions across the country build better resilience and protect themselves from data theft and ransom claims.Full story
CTV News reports on the legality of employee monitoring when they are working from home in Canada. The article also explores how return-to-work policies and employee surveillance interact.Full story
The Colorado Privacy Act's universal opt-out mechanism requirements went into effect 1 July, leaving businesses responsible to clearly offer and acknowledge consumer opt outs in relation to data collection and sale. IAPP Staff Writer Lexie White reports on Colorado's steps toward enforcement and what the privacy requirements mean for businesses.Full story
Forty-two state attorneys general penned a letter to members of U.S. Congress to pass legislation placing warning labels on social media platforms regarding the risks they pose to children, The Washington Post reports. In their letter, the attorneys general endorsed the social media warning label proposal developed by U.S.
Euractive reports lingering questions exist over the EU General Data Protection Regulation compliance of social platform X's AI data practices following its recent agreement with Ireland's Data Protection Commission to halt the training of its AI model with users' posts. The DPC received subsequent complaints regarding X's GDPR compliance, and the European Data Protection Board confirmed it received a request for an opinion on the DPC's agreement with the company.
An Australian parliamentary committee studying AI adoption in the country questioned Meta on why Australian users were not able to opt out of having their posts scraped to train AI models, unlike EU citizens, the Guardian reports.
Denmark's data protection authority, Datatilsynet, published guidance on additional ways to protect yourself from inadvertently disclosing personal data when publishing material. The update to the catalog of measures includes reviewing material beforehand and ensuring any censoring efforts cannot be removed.Full story
Software company Ketch launched a data permissioning platform for media companies that allows brands to prioritize consumer privacy. Ketch Head of Industry Strategy Jon Suarez-Davis said the platform "empowers media companies to connect consumer identities across channels and touchpoints, delivering precise, permissioned experiences that meet consumer expectations and regulatory demands.
Axios reports a group of U.S. senators is pushing the Federal Trade Commission and the Department of Justice to explore whether generative AI violates antitrust laws. A letter sent to both agencies largely focuses on the technology's ability to repackage information it is trained on and the impact that could have on journalism.Full story