DECEMBER 2025 ISSUE NO. 291

https://campaign-image.com/zohocampaigns/133052000002457092_zc_v53_artboard_1.png
   

EU

  • Belgian Data Protection Authority imposed a EUR 40,000 fine on global data provider for invalid consent.
  • Italian Data Protection Authority (Garante) released an updated handbook on privacy practices at schools.
  • CNIL, French Data Protection Commission fined global financial services company EUR 1.5 million for cookie consent violations.
  • European Commission issued EUR 120 million penalty against X for failing to meet transparency obligations under the Digital Services Act.
  • New research released by NYOB highlighted strong user preference for avoiding tracking when presented with “pay or okay” consent models.
  • EU Parliament published a report analyzing the impact of AI on the financial sector.
  • Garante fined clinical research center EUR 70,000 for unlawful destruction of personal data.
  • Guernsey Office of the Data Protection Authority issued 10-step practical AI guidance.

   

Americas

  • Canadian bill proposing amendments to Personal Information Protection and Electronic Documents Act passed its first reading.
  • Illinois became the first U.S. state to introduce regulation governing AI-driven mental health therapy services.
  • Paraguay’s President signed the country’s new data protection law into force.
  • A coalition of Attorney Generals urged Congress to preserve state authority over AI Regulation.
  • Brazil’s Data Protection Agency launched a public consultation on Digital ECA, the Statute for the protection of minors online.
  • The US House Committee on Energy and Commerce announced a hearing covering 19 proposed bills on minors’ online protection.
  • EPIC and partner organizations called on U.S. Immigration and Customs Enforcement to stop using facial recognition technologies.
  • Federal Communications Commission finalized a USD 1.5 million settlement with large media and tech company for vendor data breach.

   

Asia

  • The Government of Vietnam unveiled its implementation plan for Personal Data Protection Law.
  • South Korea’s Personal Information Protection Commission fined a Law Firm KRW 529 million for large-scale data breach.
  • Vietnam’s Ministry of Science and Technology presented draft AI law to National Assembly.

   

Click here to read the complete newsletter with official links

   

Gurugram office: 1st Floor, AIHP Palms, 242 & 243, Udyog Vihar Phase-IV, Gurugram - 122015

Dubai office: Unit: 9, 9th Floor, Arabian Sky Business Centre, CitiBank Building, Sheikh Rashid Road, Dubai, UAE

Phone: +91-124-4309062 | Email: newsletter@Privacydesk.in 

Delhi (NCR) | Dubai 

   

Disclaimer: This update is the copyright of Reina Legal. The update is not intended to be a form of solicitation or advertising. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate thereafter. No person should act on such information without appropriate professional advice based on the circumstances of a particular situation. Unsubscribe