FEBRUARY 2026 ISSUE NO. 301

https://campaign-image.com/zohocampaigns/133052000002457092_zc_v53_artboard_1.png
   

APAC

  • Indian government amended the IT Rules to require social platforms to take down AI-generated deepfake content within 3 hours.
  • The FICCI-EY Risk Survey 2026 identified cybersecurity breaches as the top risk facing Indian businesses.
  • South Korean data watchdog imposed a fine of KRW 707.8 million on the National Research Foundation for inadequate safety measures.
  • Japan’s Personal Information Protection Commission updated its Business Guide to support compliance under the data protection framework.
  • China’s Technical Committee 260 released first batch of National Cybersecurity Standard Requirements for this year.
  • Office of Australian Information Commissioner published a statement on Administrative Review Tribunal’s decision on a retail company’s use of facial recognition.

   

EMEA

  • EU Commission invited feedback on draft guidelines on the calculation of reasonable compensation under the Data Act. 
  • UK’s Information Commissioner Office announced investigation into an AI system for generating non-consensual inappropriate images.
  • France’s CNIL fined a public employment platform EUR 5 million for failing to secure job seekers’ data.
  • Germany’s Financial Supervisory Authority issued guidance on ICT risks in AI use at financial entities. 
  • Italian data protection authority imposed a fine of EUR 40,000 on an optical manufacturing company for accessing and retaining former employees’ emails after their departure.
  • European Commission created a Signatory Taskforce for General-Purpose AI Code of Practice.
  • Denmark’s Data Protection Authority responded to an inquiry on data processing agreement terms on personal data transfer to third countries.
  • Sweden’s Privacy Authority imposed a fine of SEK 6 million on a software company following personal data leak from a cyberattack. 
  • The Dutch Data Protection Authority outlined its vision on generative AI governance.
  • Latvia’s Data Inspectorate released a guidance on transparency and content requirements for cookie policy.
  • Turkish Data Protection Authority announced data breach involving a food manufacturing company.
   

Americas 

  • A New York bill on additional protections for sensitive health information passed by Senate.
  • Information and Privacy Commissioner of Ontario issued guidance on AI scribes to safeguard patient data.
  • A coalition of U.S. Attorneys General criticised the Department of Justice’s attempt to obtain sensitive data from Minnesota authorities.
  • An Oregon bill establishing Commission on Artificial Intelligence was prefiled in House.
  • A bill to create a Telephone Solicitation Act was introduced in the Michigan’s House of Representatives.
  • A California bill on consumer privacy requests dealing with deletion request records and request submission methods was introduced in the Senate.
  • Quebec’s Access to Information Commission released explanatory guide and checklist on preventing privacy breaches.
  • Hawaii’s Drop and Delete Act to regulate data brokers, enable personal data deletion and establish enforcement mechanisms introduced to House of Representatives.

   

Click here to read the complete newsletter with official links

   

Gurugram office: 1st Floor, AIHP Palms, 242 & 243, Udyog Vihar Phase-IV, Gurugram - 122015

Dubai office: Unit: 9, 9th Floor, Arabian Sky Business Centre, CitiBank Building, Sheikh Rashid Road, Dubai, UAE

Phone: +91-124-4309062 | Email: newsletter@Privacydesk.in 

Delhi (NCR) | Dubai 

   

Disclaimer: This update is the copyright of Reina Legal. The update is not intended to be a form of solicitation or advertising. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate thereafter. No person should act on such information without appropriate professional advice based on the circumstances of a particular situation. Unsubscribe