Global News Roundup: 21-27 March 2023

In this week’s Global News Roundup, China said it is investigating “cracked” mobile apps. Several U.S. state attorneys general reached a USD9 million settlement with Google over location tracking practices. Bangladesh outlined its enforcement regime under its proposed Data Protection Act. And, the European Parliament approved the eIDAS Regulation.

The Latest

The European Data Protection Board will continue its debate on the Irish Data Protection Commission’s case regarding lawfulness of Meta’s EU-U.S. data transfers at its plenary meeting 28 March.

The European Commission announced the formation of a high-level group to advise companies on implementation of the Digital Markets Act.

The European Consumer Organisation welcomed efforts in the EU to harmonize procedural rules on cross-border cases under the EU General Data Protection Regulation, while offering three recommendations in a published document.

The Office of the European Data Protection Supervisor announced intentions to join the European Data Protection Board in its coordinated enforcement of data protection officers.


China’s Ministry of Industry and Information Technology announced investigations into alleged data protection violations concerning versions of mobile apps with broken protection or “cracked apps.”

The General Court of the Court of Justice of the European Union expects legal challenges to the EU Digital Markets Act by the end of 2023.

Norway’s data protection authority, the Datatilsynet, fined U.S.-based Argon Medical Devices 2.5 million kroner for failing to report a July 2021 data breach within the 72-hour deadline required by the GDPR.

Five state attorneys general in the U.S. reached a USD9 million settlement with Google over deceptive location tracking practices. 


The draft document outlining the enforcement regime under Bangladesh’s proposed Data Protection Act was recently released.

Indian Minister of State for Electronics and Information Technology Rajeev Chandrasekhar confirmed the proposed Digital Data Protection Bill will contain a “blacklist” for cross-border data transfers.


The Canadian government published a companion document with key information about the proposed Artificial Intelligence and Data Act.


The EU is seeking recognition of the bloc’s digital regulations globally via the United Nation’s Global Digital Compact.

The European Parliament approved the eIDAS Regulation, legislation creating a continent-wide digital identity framework.


Haverford College Shibulal Family associate professor of computer science Sorelle Friedler, Brown University Center for Tech Responsibility Director Suresh Venkatasubramanian and Center for Technology Innovation Governance Studies fellow Alex Engler, CIPP/E, CIPM, FIP, discussed questions around design and implementation of a “new wave” of U.S. state legislation on artificial intelligence.

Maryland House Bill 0901, a law that would require businesses offering “an online product likely to be accessed by children to complete a certain data protection impact assessment,” was given its first reading in the state Senate.

The House Committee on Judiciary Finance and Civil Law supported the proposed Minnesota Age-Appropriate Design Code Act with amendments and referred it to the Commerce Finance and Policy Committee.

New Hampshire Senate Bill 255, which inserts a chapter “detailing a consumer expectation of privacy” was introduced during the state House of Representatives 16 March recess and referred to its Judiciary Committee.

The Tennessee Senate recommended passing the proposed state Information Protection Act, while the bill was placed on the Commerce Committee calendar in the House.

The state of Washington’s Senate Committee on Law and Justice passed House Bill 1155, an act addressing the collection, sharing and selling of consumer health data.


The Office of the Saskatchewan Information and Privacy Commissioner is welcoming responses to a survey on access and privacy.

Denmark’s data protection authority, Datatilsynet, and several industry organizations will launch a 4 May webinar with new GDPR guidance for small businesses.

Author: HO2rmeENXt