JUNE 2026 ISSUE NO. 316

https://campaign-image.com/zohocampaigns/133052000002457092_zc_v53_artboard_1.png
   

APAC
  • The Securities and Exchange Board of India issued an advisory on cybersecurity risks associated with advanced AI-powered vulnerability detection tools.
  • China’s Ministry of Industry and IT released a national classification standard for AI terminals, establishing intelligence levels and evaluation criteria.
  • Australia’s Office of Information Commissioner published updated guidance on the collection of solicited personal information.

  • Vietnam’s government approved the National Standards Strategy for 2026-2035.

  • South Korea’s PIPC fined a funeral services company KRW 553.9M for a personal data breach and failures to implement adequate security measures.

   

EMEA

  • The European Data Protection Board published an opinion on Finland’s proposed accreditation requirements for GDPR certification bodies.
  • UK’s ICO fined a water services company GBP 963,900 for data security failures following a cyberattack and personal data breach.
  • Germany’s BfDI and partner authorities released a roadmap clarifying the application of EU AI Act for AI-enabled medical devices.
  • France’s CNIL published recommendation on use of personal data for creditworthiness assessment, including guidance on automated decisions.
  • The EU Council and Parliament reached a provisional agreement to streamline certain rules in the EU AI Act.
  • Ireland’s DPC imposed EUR 277,500 fine on a bank for data security deficiencies and failure to timely notify personal data breaches.
  • Belgium’s DPA fined a fintech company EUR 120,000 for incorrectly classifying itself as a data processor and failing to meet data controller obligations.
  • The European Commission adopted a recommendation establishing an EU-wide framework for age verification technologies.
  • Poland’s Ministry of Digital Affairs notified entities of new compliance obligations under the amended National Cybersecurity System Act.
  • Turkish Data Protection Authority publishes a data breach notification involving a hospitality company.
   

Americas

  • The U.S. Federal Trade Commission urged companies ensure compliance with the Take It Down Act.
  • Colorado Legislature advanced amendments to the Colorado AI Act, refining compliance requirements for high-risk AI systems.
  • Brazil’s ANPD published preliminary guidance and implementation timeline for age verification under the Digital ECA framework.
  • California’s AG secured USD 12.75 million settlement with an automotive manufacturer over the unlawful sale of drivers’ location and driving data.
  • The U.S. Cybersecurity and Infrastructure Security Agency launched CI Fortify initiative to strengthen resilience of critical infrastructure.
  • Texas’ AG sued a streaming platform over alleged deceptive data collection practices, privacy misrepresentations and unlawful user profiling.

   

Click here to read the complete newsletter with official links

   

Gurugram office: 1st Floor, AIHP Palms, 242 & 243, Udyog Vihar Phase-IV, Gurugram - 122015

Dubai office: Unit: 9, 9th Floor, Arabian Sky Business Centre, CitiBank Building, Sheikh Rashid Road, Dubai, UAE

Phone: +91-124-4309062 | Email: newsletter@Privacydesk.in 

Delhi (NCR) | Dubai 

   

Disclaimer: This update is the copyright of Reina Legal. The update is not intended to be a form of solicitation or advertising. The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate thereafter. No person should act on such information without appropriate professional advice based on the circumstances of a particular situation. Unsubscribe