MAY 2026 ISSUE NO. 314

https://campaign-image.com/zohocampaigns/133052000002457092_zc_v53_artboard_1.png
   

APAC
  • India’s Ministry of Electronics and IT extended the public consultation on the proposed amendments to IT Rules, including stricter labeling of AI content.
  • South Korea’s PIPC revised its guidelines for drafting personal information processing policy.
  • Malaysia’s PDP issued guidelines covering DPIA, data protection by design, automated decision-making and profiling.
  • The Australian Cyber Security Centre published guidance outlining cybersecurity risks and mitigation measures for agentic AI systems.
   

EMEA
  • European Data Protection Board adopted guidelines on processing personal data for scientific research purposes and launched a public consultation.
  • The UK Secretary of State enacted Code of Practice on AI and automated decision-making regulations.
  • Italy’s Cybersecurity Agency issued guidance and procedures for classifying activities and services under NIS2 framework.
  • European Cybersecurity Agency released methodology for its technology and innovation radar, to assess emerging cybersecurity technologies and trends.
  • Germany’s Office of Information Security published the Criteria enabling Cloud Computing Autonomy (C3A) framework.
  • Ireland’s media regulator launched investigations into a technology company over manipulative interface designs on its social media platforms.
  • Belgian Data Protection Authority released updated guidelines on direct marketing under the GDPR.
  • Poland’s President signed Data Management Act implementing the EU Data Management Regulation.
  • The EU Commission preliminarily found a technology company in breach of the Digital Services Act by failing to prevent children from using social media platforms.
  • Estonia’s Supreme Court clarified conditions for use of IP address identification data in criminal investigations.
   

Americas

  • The U.S. Senate Judiciary Committee unanimously approved the Guidelines for User Age-verification and Responsible Dialogue Act to protect children from AI chatbots.
  • Maryland’s Data Privacy Act, strengthening protections relating to personal data and immigration enforcement passed by both Chambers.
  • Canada’s Office of Privacy Commissioner released guidance on privacy-protective age assurance measures.
  • Connecticut Senate passed amendments to the Data Privacy Act regulating data brokers, facial recognition, geolocation data and genetic testing.
  • The U.S. Department of Justice intervened in a lawsuit challenging Colorado’s law on algorithmic discrimination.
  • Ontario’s Information and Privacy Commissioner published guidance on sharing children’s personal information with Children’s Aid Societies.
  • A Michigan bill regulating companion chatbots and AI interactions involving minors referred to the review committee.
  • Iowa Senators requested information from AI companies on safeguards against Chinese espionage and insider threats.

   

Click here to read the complete newsletter with official links

   

Gurugram office: 1st Floor, AIHP Palms, 242 & 243, Udyog Vihar Phase-IV, Gurugram - 122015

Dubai office: Unit: 9, 9th Floor, Arabian Sky Business Centre, CitiBank Building, Sheikh Rashid Road, Dubai, UAE

Phone: +91-124-4309062 | Email: newsletter@Privacydesk.in 

Delhi (NCR) | Dubai 

   

Disclaimer: This update is the copyright of Reina Legal. The update is not intended to be a form of solicitation or advertising. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate thereafter. No person should act on such information without appropriate professional advice based on the circumstances of a particular situation. Unsubscribe