The German Federal Court of Justice recently clarified online platforms' liability for user-generated content, ruling platforms aren't directly liable without knowledge but must act swiftly upon notification, significantly impacting digital service providers across Europe.
Australia’s eSafety Commissioner ordered Telegram to pay AUD 1 million for ignoring transparency obligations. Officials requested details on terrorist and child sexual content steps, but Telegram delayed months, triggering enforcement under the Online Safety Act.
On 28 February 2025, Japan’s Cabinet announced significant plans to introduce a Bill to promote research, development, and practical application of artificial intelligence technologies. The legislation focuses on transparency, protection of rights, and international cooperation.
The Personal Data Protection Act 2025 of Bangladesh mandates lawful and transparent data processing. It grants individuals rights over their data, including access, correction, and deletion, with formal compliance requirements for businesses and institutions.
Bangladesh has taken a step towards stronger data privacy regulations with the Personal Data Protection Act 2025. The law, which recently closed its consultation phase, aims to establish clear rules for processing personal data while ensuring individuals' privacy rights are safeguarded.
The Act introduces strict conditions for data collection, mandating that it must be lawful, fair, and transparent.
Key principles include purpose limitation, data minimisation, and accuracy, ensuring that organisations only collect and process the data necessary for a specific purpose.
It also mandates security measures to protect against unauthorised access and data breaches.
One of the most talked-about provisions is the requirement for explicit consent before processing personal data. However, exceptions exist, particularly for government functions, legal compliance, and certain family matters. This ensures that essential services are not hindered by excessive bureaucratic hurdles.
The Act introduces a range of rights for data subjects, empowering individuals to control their personal information. Citizens will have the right to:
To ensure accountability, the law places obligations on data controllers and processors, requiring them to adopt robust compliance mechanisms.
Organisations handling data must implement technical and organisational safeguards to prevent data misuse and ensure transparency.
In cases of data breaches, affected individuals must be promptly informed, and regulatory authorities must be notified within a set timeframe. Failure to adhere to these obligations may result in financial penalties and enforcement actions.
Italy has enforced new rules requiring digital devices to support parental control apps, ensuring parents can monitor children's online activity. The law also prevents companies from using collected data for advertising or profiling, strengthening privacy protections.
The CFPB seeks to categorise certain data brokers as consumer reporting agencies under Regulation V. Doing so would tighten obligations, require more transparency, and ensure consumers can see, correct, and control their own information.
House Bill H.210, introduced in Vermont, outlines new guidelines for digital platforms handling minors’ data. By mandating default high-privacy settings and transparent practices, legislators aim to reduce risks of emotional harm and excessive data harvesting.
Both GDPR and HIPAA are key regulations focused on protecting sensitive data. GDPR applies to personal data of EU residents, while HIPAA governs healthcare data in the U.S. Organisations must comply with both for international operations.
Follow the latest Tech Law news and updates about AI, Digital Assets, Internet Law, Data Protection, LawTech.
