Search

PCPD Releases AI Storybook for Primary Students

The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong has published a new Chinese storybook titled “Adventure in the AI Labyrinth” for primary school students. This initiative aims to educate young students on the proper use of artificial intelligence and the importance of personal data privacy protection.

EDPB, EDPS Joint Opinion on European Biotech Act

The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have issued a joint opinion on the proposed European Biotech Act. They support harmonizing clinical trials but call for specific safeguards for sensitive health data.

EDPB EDPS Joint Opinion on Digital Framework Simplification

The EDPB and EDPS have issued a joint opinion supporting simplification and competitiveness within the digital framework. The opinion addresses EU legislative proposals related to data privacy, artificial intelligence, and e-Privacy.

NIST Guidelines for API Protection in Cloud-Native Systems

The National Institute of Standards and Technology (NIST) has updated its guidelines for API protection in cloud-native systems. This update, NIST SP 800-228-upd1, provides recommendations for identifying risks and implementing controls throughout the API lifecycle.

Global Privacy Authorities Joint Statement on AI-Generated Imagery

The Office of the Privacy Commissioner for Personal Data (PCPD) and 60 other global privacy authorities have issued a joint statement expressing concern over AI-generated imagery and its potential for harm. The statement urges organizations to develop and use AI content generation systems lawfully, with specific measures to protect data subjects, particularly children.

PDPC Steps Up NRIC Misuse Enforcement and Issues New Advisory

The Singapore Personal Data Protection Commission (PDPC) is stepping up enforcement against private organizations misusing NRIC numbers for authentication starting January 1, 2027. New advisories are also being issued to guide organizations on data protection lapses and recommend more secure authentication methods.

Privacy Commissioner Statement on Bunnings Facial Recognition Decision

The Australian Privacy Commissioner has issued a statement regarding the Administrative Review Tribunal's decision on Bunnings' use of facial recognition technology. The statement clarifies that while the Tribunal allowed Bunnings to use the technology for specific crime prevention purposes, significant privacy safeguards and notification requirements remain crucial.

DSB Circular on Freedom of Information Act

The Austrian Data Protection Authority (DSB) issued a supplementary circular on December 12, 2025, regarding the Freedom of Information Act. This circular clarifies a previous communication, adjusting a reporting deadline for data submissions.

Global Data Protection Authorities Statement on AI Imagery Privacy

Sixty global data protection and privacy authorities have issued a joint statement outlining privacy principles for AI-generated imagery. The statement calls on organizations developing and using AI content generation systems to implement safeguards and protect individuals, particularly children, from potential harm.

ENISA Report: Cybersecurity Investments and NIS2 Challenges

ENISA's 6th NIS Investments report reveals a shift in cybersecurity spending from personnel to technology and services across 1080 EU organizations. The report highlights persistent talent shortages and challenges in implementing the NIS2 Directive, despite compliance being a key investment driver.