MAY 2026 ISSUE NO. 311

https://campaign-image.com/zohocampaigns/133052000002457092_zc_v53_artboard_1.png
   

APAC
  • Insurance Regulatory and Development Authority of India released updatedInformation and Cyber Security Guidelines for Regulated Entities.
  • China’s CAC launched campaigns to strengthen personal information protection compliance across key sectors.
  • South Korea’s PIPC fined an auction house KRW 287.2 million for personal data breach and security lapses.
  • Singapore’s Ministry of Digital Development and Information clarified data protection and safety obligations for AI-enabled smart glasses.
  • Vietnam ratified the UN Convention on Cybercrime, becoming first in southeast Asia to do so.
   

EMEA
  • The European Data Protection Board published its 2025 Annual Report highlighting guidance, enforcement and regulatory cooperation efforts.
  • Germany’s Office of Information Security released updated Cloud Computing Compliance Criteria Catalogue, to strengthen cloud security standards.
  • Personal Data Protection Office of Poland announced adoption of Data Management Act by the Parliament.
  • France’s CNIL outlined priority enforcement areas for 2026, including recruitment, single electoral register and sports federations.
  • Moldova ratified Convention 108+ and engaged in international data protection cooperation discussions.
  • Italy’s Data watchdog imposed EUR 31 million fine on a banking company for unlawful access to customer data.
  • The Central Bank of Netherlands updated reporting process for serious ICT-related incidents under the Digital Operational Resilience Act.
  • Ukraine’s Ministry of Digital Transformation published guidance on safe use of AI assistants and agents.
  • Latvia amended the Law on the Processing of Aircraft Passenger Data, updating data retention and access provisions.
   

Americas

  • The U.S. Federal Trade Commission published its 2026-2030 Strategic Plan outlining priorities.
  • Kentucky’s data privacy bill to regulate Automatic Content Recognition (ACR) data passed by both houses.
  • Iowa Senate launched inquiry into technology companies over failures in reporting online child exploitation cases.
  • Montana’s AG launched investigation into automobile companies over alleged collection and sale of personal driving data without consent.
  • Electronic Privacy Information Centre filed amicus brief supporting South Carolina’s Age-Appropriate Design Code.
  • The Massachusetts Supreme Judicial Court delivered a ruling concerning a technology company’s social media design and its potential harm to minors.

   

Click here to read the complete newsletter with official links

   

Gurugram office: 1st Floor, AIHP Palms, 242 & 243, Udyog Vihar Phase-IV, Gurugram - 122015

Dubai office: Unit: 9, 9th Floor, Arabian Sky Business Centre, CitiBank Building, Sheikh Rashid Road, Dubai, UAE

Phone: +91-124-4309062 | Email: newsletter@Privacydesk.in 

Delhi (NCR) | Dubai 

   

Disclaimer: This update is the copyright of Reina Legal. The update is not intended to be a form of solicitation or advertising. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate thereafter. No person should act on such information without appropriate professional advice based on the circumstances of a particular situation. Unsubscribe