Data Privacy

EU Endorses AI Declaration and Launches Legal Gateway Office

The European Union has endorsed the Leaders' Declaration at the AI Impact Summit in India and launched the European Legal Gateway Office to connect EU companies with India's ICT talent. The initiative also aims to strengthen global AI governance and promote AI innovation.

EU Commission Launches €75 Million EURO-3C Project for Telco-Edge-Cloud

The European Commission has announced the EURO-3C project, a €75 million initiative to build a federated Telco-Edge-Cloud infrastructure. This project aims to enhance Europe's digital service capabilities and reduce reliance on third-country providers.

EU Cooperation on Artificial Intelligence at India Summit

The European Union, represented by Executive Vice-President Henna Virkkunen, will attend the AI Impact Summit 2026 in New Delhi to strengthen cooperation with India on AI governance and innovation. The visit aims to advance the EU's approach to AI, emphasizing trust, innovation, and international collaboration.

Draft Code of Practice on AI Content Marking Published

The European Commission has published a second draft Code of Practice on AI content marking, intended to help providers and deployers meet AI Act requirements. This revised draft aims to streamline processes, reduce compliance burdens, and incorporate feedback from various stakeholders.

Accessible Deletion Mechanism for Data Brokers

The California Privacy Protection Agency has finalized regulations establishing an Accessible Deletion Mechanism (DROP) for data brokers, effective January 1, 2026. This system allows consumers to request the deletion of their personal information from registered data brokers through a single request to the agency.

CPPA Seeks Comments on Reducing Privacy Rights Friction

The California Privacy Protection Agency (CPPA) is seeking preliminary comments on potential regulatory changes to reduce friction in how consumers exercise their privacy rights. The comment period is open from March 6, 2026, until April 6, 2026.

Data Broker Registration Fee Regulations

The California Privacy Protection Agency (CPPA) is now responsible for the state's data broker registry, effective January 1, 2024. Data brokers must pay an annual registration fee, which the CPPA may adjust. Final regulations for the fee structure have been published for 2024, 2025, and 2026 registrations.

California Adopts CCPA Regulations on Risk Assessments and Cybersecurity

The California Privacy Protection Agency has adopted final regulations updating the CCPA. These regulations implement requirements for risk assessments, annual cybersecurity audits, and consumers' rights regarding automated decision-making technology, effective January 1, 2026.

CPPA Seeks Comments on Opt-out Preference Signals Rulemaking

The California Privacy Protection Agency (CPPA) is seeking preliminary public comments on potential rulemaking regarding Opt-out Preference Signals (OOPS). The agency is gathering information to explore whether regulatory changes are necessary to reduce friction in exercising privacy rights. Comments are due by April 6, 2026.

Deer Oaks HIPAA Resolution Agreement and Corrective Action Plan

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has entered into a Resolution Agreement and Corrective Action Plan with Deer Oaks, a covered entity under HIPAA. The agreement resolves allegations of impermissible disclosure of protected health information (PHI) and a subsequent data breach, requiring Deer Oaks to pay a resolution amount and implement corrective actions.