Global Legislation

Vietnam is undergoing a sweeping transformation of its data protection and governance framework. Over the past two years, the country has accelerated its efforts to modernize its regulatory architecture for data, culminating in the passage of two landmark pieces of legislation in 2025: the Law on Personal Data Protection (Law No. 91/2025/QH15) (PDP Law), which […]

This Issue Brief analyzes Brazil’s recently enacted children’s online safety law, summarizing its key provisions and how they interact with existing principles and obligations under the country’s general data protection law (LGPD). It provides insight into an emerging paradigm of protection for minors in online environments through an innovative and strengthened institutional framework, focusing on […]

Author: Cédric Burton The following is a guest post to the FPF blog authored by Cédric Burton, Partner and Global Co-Chair Data, Privacy and Cybersecurity, Wilson Sonsini Brussels. The guest post reflects the opinion of the author only and does not necessarily reflect the position or views of FPF and our stakeholder communities. FPF provides […]

The digital landscape in Malaysia is undergoing a significant transformation. With major amendments to its Personal Data Protection Act (PDPA) taking effect in June 2025, the country is decisively updating its data protection standards to meet the demands of the global digital economy. This modernization effort is complemented by a forward-looking approach to artificial intelligence […]

The global landscape of artificial intelligence (AI) is being reshaped not only by rapid technological advancement but also by a worldwide push to establish new regulatory regimes. In a landmark move, on May 28, 2025, Japan’s Parliament approved the “Act on the Promotion of Research and Development and the Utilization of AI-Related Technologies” (人工知能関連技術の研究開発及び活用の推進に関する法律案要綱) (AI […]

This Issue Brief summarizes key developments in data protection laws across the Asia-Pacific region since 2022, when the Future of Privacy Forum (FPF) and the Asian Business Law Institute (ABLI) published a series of reports examining 14 jurisdictions in the region. We found that while many offer alternative legal bases for data processing, consent remains […]

The following is a guest post to the FPF blog by Jonathan Mendoza Iserte, Secretary of Personal Data Protection at Mexico’s Instituto Nacional de Transparencia y Acceso a la Información y Protección de Datos Personales (INAI), and Nelson Remolina Angarita, Professor at the Faculty of Law, Universidad de los Andes, (Colombia). The guest blog reflects the […]

Today, the Future of Privacy Forum (FPF) and The Dialogue released a Brief containing a Catalog of Measures for “Verifiably Safe” Processing of Children’s Personal Data Under India’s Digital Personal Data Protection Act (DPDPA) 2023.  When India’s DPDPA passed in August, it created heightened protections for the processing of personal data of children up to […]

The proposed Regulation on Artificial Intelligence (‘proposed AIA’ or ‘the Proposal’) put forward by the European Commission is the first initiative towards a comprehensive legal framework on AI in the world. It aims to set rules on specific AI applications in certain contexts and does not intend to regulate AI technology in general. The proposed […]

The European Union’s (EU) General Data Protection Regulation (GDPR) puts forward a non-exhaustive list of criteria in Article 83 that Data Protection Authorities (DPAs) need to consider when deciding whether to impose administrative fines and in determining their amount in specific cases. Notoriously, the ceiling for administrative fines put forward by the GDPR is high […]