DataGuidance
@dataguidance.bsky.social
We share daily regulatory updates on AI, privacy, and cybersecurity from OneTrust DataGuidance, backed by 20+ years of expertise.
USA: EPIC shares people-first model chatbot bill.
EPIC, CFA, and Fairplay released the bill to regulate #chatbots, endorsed by over 70 organizations, focusing on liability, data protection, and safeguards.
Learn more: https://bit.ly/3YRWtrx
EPIC, CFA, and Fairplay released the bill to regulate #chatbots, endorsed by over 70 organizations, focusing on liability, data protection, and safeguards.
Learn more: https://bit.ly/3YRWtrx
January 23, 2026 at 6:08 PM
USA: EPIC shares people-first model chatbot bill.
EPIC, CFA, and Fairplay released the bill to regulate #chatbots, endorsed by over 70 organizations, focusing on liability, data protection, and safeguards.
Learn more: https://bit.ly/3YRWtrx
EPIC, CFA, and Fairplay released the bill to regulate #chatbots, endorsed by over 70 organizations, focusing on liability, data protection, and safeguards.
Learn more: https://bit.ly/3YRWtrx
Singapore: IMDA launches model AI governance framework for agentic AI.
The framework ensures responsible adoption of #agenticAI, emphasizing risk management, human accountability, technical controls, and user training.
Learn more: https://bit.ly/4pTrXII
The framework ensures responsible adoption of #agenticAI, emphasizing risk management, human accountability, technical controls, and user training.
Learn more: https://bit.ly/4pTrXII
January 23, 2026 at 5:04 PM
Singapore: IMDA launches model AI governance framework for agentic AI.
The framework ensures responsible adoption of #agenticAI, emphasizing risk management, human accountability, technical controls, and user training.
Learn more: https://bit.ly/4pTrXII
The framework ensures responsible adoption of #agenticAI, emphasizing risk management, human accountability, technical controls, and user training.
Learn more: https://bit.ly/4pTrXII
EU: EDPB adopts procedure for authorizing ad hoc contractual clauses and SCCs.
The procedure aims to promote consistency and cooperation among supervisory authorities.
Read more: https://bit.ly/46bLWeD
The procedure aims to promote consistency and cooperation among supervisory authorities.
Read more: https://bit.ly/46bLWeD
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 23, 2026 at 4:00 PM
EU: EDPB adopts procedure for authorizing ad hoc contractual clauses and SCCs.
The procedure aims to promote consistency and cooperation among supervisory authorities.
Read more: https://bit.ly/46bLWeD
The procedure aims to promote consistency and cooperation among supervisory authorities.
Read more: https://bit.ly/46bLWeD
Spain: AEPD publishes updated privacy FAQs.
The AEPD FAQs aim to help citizens, SMEs, and privacy professionals resolve doubts and more easily apply data protection regulations.
Explore more: https://bit.ly/4jQZpOB
The AEPD FAQs aim to help citizens, SMEs, and privacy professionals resolve doubts and more easily apply data protection regulations.
Explore more: https://bit.ly/4jQZpOB
January 22, 2026 at 8:16 PM
Spain: AEPD publishes updated privacy FAQs.
The AEPD FAQs aim to help citizens, SMEs, and privacy professionals resolve doubts and more easily apply data protection regulations.
Explore more: https://bit.ly/4jQZpOB
The AEPD FAQs aim to help citizens, SMEs, and privacy professionals resolve doubts and more easily apply data protection regulations.
Explore more: https://bit.ly/4jQZpOB
EU: Commission proposes new cybersecurity package.
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
January 22, 2026 at 7:12 PM
EU: Commission proposes new cybersecurity package.
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
EU: Commission proposes new cybersecurity package.
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 22, 2026 at 6:08 PM
EU: Commission proposes new cybersecurity package.
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
The new cybersecurity package enhances the EU's cybersecurity resilience and capabilities, with proposed changes to the EU Cybersecurity Act, the NIS2 Directive, and the ECCF.
Learn more: https://bit.ly/4qwf3Bv
USA: FCC announces CGB extension of TCPA Consent Revocation Rule effective date.
The CGB extended the effective date from April 11, 2026, to January 31, 2027.
Read more: https://bit.ly/3ZotwDH
The CGB extended the effective date from April 11, 2026, to January 31, 2027.
Read more: https://bit.ly/3ZotwDH
January 22, 2026 at 5:04 PM
USA: FCC announces CGB extension of TCPA Consent Revocation Rule effective date.
The CGB extended the effective date from April 11, 2026, to January 31, 2027.
Read more: https://bit.ly/3ZotwDH
The CGB extended the effective date from April 11, 2026, to January 31, 2027.
Read more: https://bit.ly/3ZotwDH
New Jersey: Bill on consumer health data introduced to Senate.
The bill outlines obligations for businesses and provides consumer rights, including the rights to access, deletion, and withdrawal of consent.
Explore now: https://bit.ly/3LuhllE
The bill outlines obligations for businesses and provides consumer rights, including the rights to access, deletion, and withdrawal of consent.
Explore now: https://bit.ly/3LuhllE
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 22, 2026 at 4:00 PM
New Jersey: Bill on consumer health data introduced to Senate.
The bill outlines obligations for businesses and provides consumer rights, including the rights to access, deletion, and withdrawal of consent.
Explore now: https://bit.ly/3LuhllE
The bill outlines obligations for businesses and provides consumer rights, including the rights to access, deletion, and withdrawal of consent.
Explore now: https://bit.ly/3LuhllE
California: AG sends cease and desist letter to xAI on distribution of #deepfake explicit content and CSAM.
Check it out: https://bit.ly/3YQy0mo
Check it out: https://bit.ly/3YQy0mo
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 21, 2026 at 8:16 PM
California: AG sends cease and desist letter to xAI on distribution of #deepfake explicit content and CSAM.
Check it out: https://bit.ly/3YQy0mo
Check it out: https://bit.ly/3YQy0mo
Shanghai: Cyberspace Administration issues information on cross-border transfer enforcement cases.
The Shanghai Cyberspace Administration shared two enforcement cases, regarding entities in the hotel and property management industries.
Read now: https://bit.ly/3YOAHoC
The Shanghai Cyberspace Administration shared two enforcement cases, regarding entities in the hotel and property management industries.
Read now: https://bit.ly/3YOAHoC
January 20, 2026 at 7:12 PM
Shanghai: Cyberspace Administration issues information on cross-border transfer enforcement cases.
The Shanghai Cyberspace Administration shared two enforcement cases, regarding entities in the hotel and property management industries.
Read now: https://bit.ly/3YOAHoC
The Shanghai Cyberspace Administration shared two enforcement cases, regarding entities in the hotel and property management industries.
Read now: https://bit.ly/3YOAHoC
New Jersey: Bill prohibiting disclosure of personal information by private entities introduced in Senate.
The bill aims to protect private information by mandating a secure portal for nondisclosure requests.
Explore more: https://bit.ly/4qFEWir
The bill aims to protect private information by mandating a secure portal for nondisclosure requests.
Explore more: https://bit.ly/4qFEWir
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 20, 2026 at 6:08 PM
New Jersey: Bill prohibiting disclosure of personal information by private entities introduced in Senate.
The bill aims to protect private information by mandating a secure portal for nondisclosure requests.
Explore more: https://bit.ly/4qFEWir
The bill aims to protect private information by mandating a secure portal for nondisclosure requests.
Explore more: https://bit.ly/4qFEWir
Indonesia: MKRI upholds PDP law against constitutional challenge.
The Court confirmed the PDP Law's alignment with constitutional and international data protection standards.
Check it out: https://bit.ly/4pQBhgG
The Court confirmed the PDP Law's alignment with constitutional and international data protection standards.
Check it out: https://bit.ly/4pQBhgG
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 20, 2026 at 5:04 PM
Indonesia: MKRI upholds PDP law against constitutional challenge.
The Court confirmed the PDP Law's alignment with constitutional and international data protection standards.
Check it out: https://bit.ly/4pQBhgG
The Court confirmed the PDP Law's alignment with constitutional and international data protection standards.
Check it out: https://bit.ly/4pQBhgG
France: CNIL publishes final recommendations on multi-device consent.
The recommendations aim to ensure GDPR-compliant consent practices in cross-device environments, and CNIL identifies challenges such as managing contradictions regarding consent choices.
Learn more: https://bit.ly/4b80xev
The recommendations aim to ensure GDPR-compliant consent practices in cross-device environments, and CNIL identifies challenges such as managing contradictions regarding consent choices.
Learn more: https://bit.ly/4b80xev
January 19, 2026 at 8:16 PM
France: CNIL publishes final recommendations on multi-device consent.
The recommendations aim to ensure GDPR-compliant consent practices in cross-device environments, and CNIL identifies challenges such as managing contradictions regarding consent choices.
Learn more: https://bit.ly/4b80xev
The recommendations aim to ensure GDPR-compliant consent practices in cross-device environments, and CNIL identifies challenges such as managing contradictions regarding consent choices.
Learn more: https://bit.ly/4b80xev
Virginia: Bill on App Store Accountability introduced to Senate.
The bill, which will take effect on July 1, 2027, if enacted, establishes new regulations for app store providers and developers, focusing on age verification and parental consent for minors.
Read on: https://bit.ly/3YMEe6J
The bill, which will take effect on July 1, 2027, if enacted, establishes new regulations for app store providers and developers, focusing on age verification and parental consent for minors.
Read on: https://bit.ly/3YMEe6J
January 19, 2026 at 7:12 PM
Virginia: Bill on App Store Accountability introduced to Senate.
The bill, which will take effect on July 1, 2027, if enacted, establishes new regulations for app store providers and developers, focusing on age verification and parental consent for minors.
Read on: https://bit.ly/3YMEe6J
The bill, which will take effect on July 1, 2027, if enacted, establishes new regulations for app store providers and developers, focusing on age verification and parental consent for minors.
Read on: https://bit.ly/3YMEe6J
New York: New York AI Act referred to Committee.
The Act mandates AI system developers and deployers to prevent algorithmic discrimination and ensure transparency and accountability.
Learn more: https://bit.ly/4bcO8pP
The Act mandates AI system developers and deployers to prevent algorithmic discrimination and ensure transparency and accountability.
Learn more: https://bit.ly/4bcO8pP
January 19, 2026 at 6:08 PM
New York: New York AI Act referred to Committee.
The Act mandates AI system developers and deployers to prevent algorithmic discrimination and ensure transparency and accountability.
Learn more: https://bit.ly/4bcO8pP
The Act mandates AI system developers and deployers to prevent algorithmic discrimination and ensure transparency and accountability.
Learn more: https://bit.ly/4bcO8pP
New Jersey: Bill for Privacy Protection Act passes both Houses.
The Act restricts the collection and sharing of certain personal information by government entities and healthcare facilities and took effect immediately.
Check it out: https://bit.ly/4jTx4Yg
The Act restricts the collection and sharing of certain personal information by government entities and healthcare facilities and took effect immediately.
Check it out: https://bit.ly/4jTx4Yg
January 19, 2026 at 5:04 PM
New Jersey: Bill for Privacy Protection Act passes both Houses.
The Act restricts the collection and sharing of certain personal information by government entities and healthcare facilities and took effect immediately.
Check it out: https://bit.ly/4jTx4Yg
The Act restricts the collection and sharing of certain personal information by government entities and healthcare facilities and took effect immediately.
Check it out: https://bit.ly/4jTx4Yg
USA: District Court grants final approval of $30M settlement in children's privacy class action against Google.
The US District Court approved the settlement, resolving claims concerning the collection and use of information from children under 13.
Read now: https://bit.ly/3LPEz5I
The US District Court approved the settlement, resolving claims concerning the collection and use of information from children under 13.
Read now: https://bit.ly/3LPEz5I
January 19, 2026 at 4:00 PM
USA: District Court grants final approval of $30M settlement in children's privacy class action against Google.
The US District Court approved the settlement, resolving claims concerning the collection and use of information from children under 13.
Read now: https://bit.ly/3LPEz5I
The US District Court approved the settlement, resolving claims concerning the collection and use of information from children under 13.
Read now: https://bit.ly/3LPEz5I
Virginia: Bill on social media platforms and AI systems introduced to Senate.
The bill proposes amendments to the Virginia CDPA to impose new obligations on social media platforms and AI system operators.
Explore more: https://bit.ly/49KgTrn
The bill proposes amendments to the Virginia CDPA to impose new obligations on social media platforms and AI system operators.
Explore more: https://bit.ly/49KgTrn
January 16, 2026 at 8:16 PM
Virginia: Bill on social media platforms and AI systems introduced to Senate.
The bill proposes amendments to the Virginia CDPA to impose new obligations on social media platforms and AI system operators.
Explore more: https://bit.ly/49KgTrn
The bill proposes amendments to the Virginia CDPA to impose new obligations on social media platforms and AI system operators.
Explore more: https://bit.ly/49KgTrn
USA: Senators issue letter to tech companies on sexualized AI-generated images.
US senators urge major tech companies to strengthen measures against non-consensual, sexualized AI-generated images and report on their mitigation efforts.
Learn more: https://bit.ly/3LiOfph
US senators urge major tech companies to strengthen measures against non-consensual, sexualized AI-generated images and report on their mitigation efforts.
Learn more: https://bit.ly/3LiOfph
January 16, 2026 at 7:12 PM
USA: Senators issue letter to tech companies on sexualized AI-generated images.
US senators urge major tech companies to strengthen measures against non-consensual, sexualized AI-generated images and report on their mitigation efforts.
Learn more: https://bit.ly/3LiOfph
US senators urge major tech companies to strengthen measures against non-consensual, sexualized AI-generated images and report on their mitigation efforts.
Learn more: https://bit.ly/3LiOfph
New York: Bill on sharing personal health information referred to Assembly Committee.
The bill would impose strict consent, disclosure, and data use limits on electronic health products and services.
Read more: https://bit.ly/49sT4Wk
The bill would impose strict consent, disclosure, and data use limits on electronic health products and services.
Read more: https://bit.ly/49sT4Wk
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 16, 2026 at 6:08 PM
New York: Bill on sharing personal health information referred to Assembly Committee.
The bill would impose strict consent, disclosure, and data use limits on electronic health products and services.
Read more: https://bit.ly/49sT4Wk
The bill would impose strict consent, disclosure, and data use limits on electronic health products and services.
Read more: https://bit.ly/49sT4Wk
Virginia: Bill on prohibitions and duties to minors introduced to Senate.
The bill would amend Virginia's CDPA to require verified parental consent for minors and restrict data collection and targeted advertising.
Learn more: https://bit.ly/4qU0kQL
The bill would amend Virginia's CDPA to require verified parental consent for minors and restrict data collection and targeted advertising.
Learn more: https://bit.ly/4qU0kQL
January 16, 2026 at 5:04 PM
Virginia: Bill on prohibitions and duties to minors introduced to Senate.
The bill would amend Virginia's CDPA to require verified parental consent for minors and restrict data collection and targeted advertising.
Learn more: https://bit.ly/4qU0kQL
The bill would amend Virginia's CDPA to require verified parental consent for minors and restrict data collection and targeted advertising.
Learn more: https://bit.ly/4qU0kQL
Texas: Responsible Artificial Intelligence Governance Act enters into effect.
The Texas Responsible AI Governance Act takes effect, setting rules for AI use, biometric data, and prohibited systems, with enforcement by the Texas AG.
Read more: https://bit.ly/3LCf2Nl
The Texas Responsible AI Governance Act takes effect, setting rules for AI use, biometric data, and prohibited systems, with enforcement by the Texas AG.
Read more: https://bit.ly/3LCf2Nl
January 16, 2026 at 4:00 PM
Texas: Responsible Artificial Intelligence Governance Act enters into effect.
The Texas Responsible AI Governance Act takes effect, setting rules for AI use, biometric data, and prohibited systems, with enforcement by the Texas AG.
Read more: https://bit.ly/3LCf2Nl
The Texas Responsible AI Governance Act takes effect, setting rules for AI use, biometric data, and prohibited systems, with enforcement by the Texas AG.
Read more: https://bit.ly/3LCf2Nl
USA: DOJ establishes AI Taskforce to challenge state AI laws.
The AG establishes an #AITaskforce to challenge state AI laws that conflict with the federal AI policy set out in Executive Order 14365.
Check it out: https://bit.ly/4pI4xpA
The AG establishes an #AITaskforce to challenge state AI laws that conflict with the federal AI policy set out in Executive Order 14365.
Check it out: https://bit.ly/4pI4xpA
DataGuidance
Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world
bit.ly
January 15, 2026 at 8:16 PM
USA: DOJ establishes AI Taskforce to challenge state AI laws.
The AG establishes an #AITaskforce to challenge state AI laws that conflict with the federal AI policy set out in Executive Order 14365.
Check it out: https://bit.ly/4pI4xpA
The AG establishes an #AITaskforce to challenge state AI laws that conflict with the federal AI policy set out in Executive Order 14365.
Check it out: https://bit.ly/4pI4xpA
New York: Bill for New York artificial intelligence consumer protection act introduced to Senate.
The bill would require high-risk AI systems in New York to prevent discrimination, ensure transparency, and provide consumer rights.
Read now: https://bit.ly/49DNL5d
The bill would require high-risk AI systems in New York to prevent discrimination, ensure transparency, and provide consumer rights.
Read now: https://bit.ly/49DNL5d
January 14, 2026 at 8:16 PM
New York: Bill for New York artificial intelligence consumer protection act introduced to Senate.
The bill would require high-risk AI systems in New York to prevent discrimination, ensure transparency, and provide consumer rights.
Read now: https://bit.ly/49DNL5d
The bill would require high-risk AI systems in New York to prevent discrimination, ensure transparency, and provide consumer rights.
Read now: https://bit.ly/49DNL5d
Spain: AEPD publishes guide on risks from using third party images in AI systems.
The AEPD publishes a guide on using third-party images in AI, highlighting visible and invisible risks and stressing legal and ethical safeguards.
Explore more: https://bit.ly/4qiWXmr
The AEPD publishes a guide on using third-party images in AI, highlighting visible and invisible risks and stressing legal and ethical safeguards.
Explore more: https://bit.ly/4qiWXmr
January 14, 2026 at 7:12 PM
Spain: AEPD publishes guide on risks from using third party images in AI systems.
The AEPD publishes a guide on using third-party images in AI, highlighting visible and invisible risks and stressing legal and ethical safeguards.
Explore more: https://bit.ly/4qiWXmr
The AEPD publishes a guide on using third-party images in AI, highlighting visible and invisible risks and stressing legal and ethical safeguards.
Explore more: https://bit.ly/4qiWXmr