Search

Global Privacy Authorities Joint Statement on AI-Generated Imagery

The Office of the Privacy Commissioner for Personal Data (PCPD) and 60 other global privacy authorities have issued a joint statement expressing concern over AI-generated imagery and its potential for harm. The statement urges organizations to develop and use AI content generation systems lawfully, with specific measures to protect data subjects, particularly children.

PDPC Steps Up NRIC Misuse Enforcement and Issues New Advisory

The Singapore Personal Data Protection Commission (PDPC) is stepping up enforcement against private organizations misusing NRIC numbers for authentication starting January 1, 2027. New advisories are also being issued to guide organizations on data protection lapses and recommend more secure authentication methods.

Privacy Commissioner Statement on Bunnings Facial Recognition Decision

The Australian Privacy Commissioner has issued a statement regarding the Administrative Review Tribunal's decision on Bunnings' use of facial recognition technology. The statement clarifies that while the Tribunal allowed Bunnings to use the technology for specific crime prevention purposes, significant privacy safeguards and notification requirements remain crucial.

DSB Circular on Freedom of Information Act

The Austrian Data Protection Authority (DSB) issued a supplementary circular on December 12, 2025, regarding the Freedom of Information Act. This circular clarifies a previous communication, adjusting a reporting deadline for data submissions.

Global Data Protection Authorities Statement on AI Imagery Privacy

Sixty global data protection and privacy authorities have issued a joint statement outlining privacy principles for AI-generated imagery. The statement calls on organizations developing and using AI content generation systems to implement safeguards and protect individuals, particularly children, from potential harm.

Draft Code of Practice on AI Content Marking Published

The European Commission has published a second draft Code of Practice on AI content marking, intended to help providers and deployers meet AI Act requirements. This revised draft aims to streamline processes, reduce compliance burdens, and incorporate feedback from various stakeholders.

AI Training Compliance Guidance Post-SRB Ruling

This guidance analyzes the impact of the EU Court of Justice's Single Resolution Board ruling on AI training compliance for engineers. It outlines two pathways for compliance, emphasizing engineering choices in defining identifiability and data protection.

EDPB-EDPS Opinion on Biotech Act Privacy Implications

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have issued a joint opinion on the privacy implications of the proposed European Biotech Act. The opinion provides guidance on the GDPR compliance aspects of the proposed legislation.

ICO Open Letter to Tech Firms on Age Checks and Child Data Protection

The UK's Information Commissioner's Office (ICO) has issued an open letter to social media and video-sharing platforms, urging them to strengthen age assurance measures to prevent underage children from accessing services. The ICO expects platforms to move beyond self-declaration and utilize available technology to enforce minimum age requirements.