The German Federal Court of Justice recently clarified online platforms' liability for user-generated content, ruling platforms aren't directly liable without knowledge but must act swiftly upon notification, significantly impacting digital service providers across Europe.
Australia’s eSafety Commissioner ordered Telegram to pay AUD 1 million for ignoring transparency obligations. Officials requested details on terrorist and child sexual content steps, but Telegram delayed months, triggering enforcement under the Online Safety Act.
On 28 February 2025, Japan’s Cabinet announced significant plans to introduce a Bill to promote research, development, and practical application of artificial intelligence technologies. The legislation focuses on transparency, protection of rights, and international cooperation.
The CFPB seeks to categorise certain data brokers as consumer reporting agencies under Regulation V. Doing so would tighten obligations, require more transparency, and ensure consumers can see, correct, and control their own information.
The Consumer Financial Protection Bureau (CFPB) is poised to crack down on practices deemed risky or harmful in the data broker sector, with its consultation on the proposal for Protecting Americans from Harmful Data Broker Practices (Regulation V) closing on 3 March 2025.
The rule aims to curb the sale of delicate personal and financial information by categorising certain data brokers as consumer reporting agencies under the Fair Credit Reporting Act (FCRA).
Its advocates argue that tighter oversight will give people greater control over how their details are used and sold.
Data brokers have long operated in a shadowy realm, collecting and selling large amounts of information with minimal checks. While some brokers may view themselves as simple data aggregators, officials point out that sensitive details, including credit histories, income information, and personal identifiers, can land in the wrong hands.
By proposing to label certain brokers as consumer reporting agencies, the CFPB ensures they must follow FCRA rules, meaning brokers must meet accuracy standards, allow individuals to view their own files, and prevent unauthorised access to data.
A novel aspect of this proposed law is its stated aim to block unlawful foreign intelligence activities or surveillance. If enacted, the rule would ban the sale of personal details, such as Social Security numbers and private financial figures, to parties lacking the proper authorisation.
Officials believe this measure could help reduce the risk of cross-border data abuse, where foreign entities obtain identifiers or account data for malicious reasons. The CFPB ascertains that businesses and individuals have a right to know that their details aren’t being sold for questionable ends.
A key element of the draft regulation involves giving people the right to see exactly what data is held about them, much like in other consumer reporting situations. By doing so, the Bureau hopes to remedy inaccuracies that can harm finances or reputations.
The CFPB suggests that data brokers, under the new rules, would need to correct false entries and cease making such information available.
Meanwhile, the framework calls for closer scrutiny of those who pass on or sell consumer details, ensuring that records aren’t used for unwanted advertising, scams, or the creation of complete profiles for shady dealings.
California introduced Bill AB 1018 to regulate automated decision systems impacting employment, education, housing, and healthcare. The Bill mandates performance evaluations, independent audits, and consumer disclosures to ensure accountability and transparent decision-making.
Italy has enforced new rules requiring digital devices to support parental control apps, ensuring parents can monitor children's online activity. The law also prevents companies from using collected data for advertising or profiling, strengthening privacy protections.
House Bill H.210, introduced in Vermont, outlines new guidelines for digital platforms handling minors’ data. By mandating default high-privacy settings and transparent practices, legislators aim to reduce risks of emotional harm and excessive data harvesting.
Both GDPR and HIPAA are key regulations focused on protecting sensitive data. GDPR applies to personal data of EU residents, while HIPAA governs healthcare data in the U.S. Organisations must comply with both for international operations.
Follow the latest Tech Law news and updates about AI, Digital Assets, Internet Law, Data Protection, LawTech.
