DeepSeek, the China-based AI chatbot service, is currently navigating a tricky regulatory landscape as privacy concerns grow across the globe. After being hit with privacy scrutiny in South Korea and facing an enforcement action in Italy over data protection practices, DeepSeek is working to address key concerns to avoid further disruptions to its operations.
Cybersecurity is not a new concept for modern organizations. Scheduled password changes, two-factor authentication, and mandatory training sessions are standard practices in most office environments. As computers have become the primary tool for business operations, the data they generate has become one of the most valuable assets across industries.
California State Assembly member, Josh Lowenthal, introduced Assembly Bill (AB) 566 on February 12, 2025, backed by the California Privacy Protection Agency (CPPA). The bill aims to empower Californians with a simple, one-step tool to manage their digital privacy—requiring web browsers and mobile operating systems to provide users with an easy opt-out option for sharing their personal data.
A data breach is never just a technical mishap, it’s a disruption that threatens both trust and personal rights. For those tasked with managing personal data, the Federal Data Protection Act (FADP) lays out clear—but complex—guidelines on how to handle such breaches. Article 24 of the FADP is especially crucial, detailing the responsibilities of data controllers when security incidents occur. Here’s a rundown of how data controllers can navigate these waters, ensuring they’re both compliant and proactive.
The Personal Information Protection Commission (PIPC) is gearing up for a busy 2025. At its second plenary meeting, the Commission outlined its investigative goals for the year, emphasizing both strict oversight of privacy practices and a more supportive, growth-friendly environment for businesses. Whether it’s diving deep into sectors closely tied to people's daily lives or making sure that emerging technologies like AI don’t compromise personal privacy, the PIPC is taking a multifaceted approach to privacy protection this year.
The reality of cybersecurity risks has hit home for many licensed corporations (LCs) in Hong Kong. The Securities and Futures Commission (SFC) recently unveiled findings from its latest 2023/24 Thematic Cybersecurity Review, shedding light on the alarming rise of material cybersecurity incidents in recent years. And the results? Not pretty.
In December 2024, Valio, Finland’s iconic dairy company, made an announcement that a personal data breach had compromised the personal information of a significant portion of their workforce. Fast forward to January 2025, and the situation has escalated. The breach, initially thought to be limited in scope, now affects far more people than originally estimated. And the authorities? They’re all over it