More than thirty privacy and data protection authorities around the world have launched a coordinated investigation into how websites and mobile apps used by children handle their personal data. The initiative is part of the 2025 Global Privacy Enforcement Network (GPEN) Sweep, running from November 3 to 7, 2025.
Claims that nearly a tenth of Gmail users had their passwords stolen spread quickly across social media this week, prompting Google to step in with an unambiguous response, stating there was no Gmail data breach.
An international forum hosted in Paris this spring brought together more than 450 participants to scrutinize how the EU’s landmark data protection law, the General Data Protection Regulation (GDPR), is shaping innovation, competition, and economic outcomes across Europe and beyond.
The Dutch data protection authority has finalized a €2.7 million fine against Experian Nederland B.V. after concluding the company processed personal data without a lawful basis and failed to properly notify affected individuals. The ruling replaced an earlier decision from December 2023 following Experian’s formal objection.
As cyber threats continue to test the resilience of U.S. water systems, the Environmental Protection Agency is rolling out new resources to help utilities strengthen digital defenses and keep safe water flowing.
Norway's Borgarting Court of Appeal has upheld the $6 million (NOK 65 million) fine against Grindr, ruling that the company unlawfully shared users’ personal data with advertisers without valid consent. The decision, handed down on Tuesday, confirms earlier findings by the Norwegian Data Protection Authority (Datatilsynet) and the Oslo District Court that Grindr breached EU data protection law.
The UK Information Commissioner’s Office (ICO) has fined outsourcing giant Capita and its pensions subsidiary a combined £14 million for failing to protect personal data in a 2023 cyberattack that exposed the information of 6.6 million people.