Global Legislation

Vietnam is undergoing a sweeping transformation of its data protection and governance framework. Over the past two years, the country has accelerated its efforts to modernize its regulatory architecture for data, culminating in the passage of two landmark pieces of legislation in 2025: the Law on Personal Data Protection (Law No. 91/2025/QH15) (PDP Law), which […]

This Issue Brief analyzes Brazil’s recently enacted children’s online safety law, summarizing its key provisions and how they interact with existing principles and obligations under the country’s general data protection law (LGPD). It provides insight into an emerging paradigm of protection for minors in online environments through an innovative and strengthened institutional framework, focusing on […]

The digital landscape in Malaysia is undergoing a significant transformation. With major amendments to its Personal Data Protection Act (PDPA) taking effect in June 2025, the country is decisively updating its data protection standards to meet the demands of the global digital economy. This modernization effort is complemented by a forward-looking approach to artificial intelligence […]

The global landscape of artificial intelligence (AI) is being reshaped not only by rapid technological advancement but also by a worldwide push to establish new regulatory regimes. In a landmark move, on May 28, 2025, Japan’s Parliament approved the “Act on the Promotion of Research and Development and the Utilization of AI-Related Technologies” (人工知能関連技術の研究開発及び活用の推進に関する法律案要綱) (AI […]

Today, the Future of Privacy Forum (FPF) and The Dialogue released a Brief containing a Catalog of Measures for “Verifiably Safe” Processing of Children’s Personal Data Under India’s Digital Personal Data Protection Act (DPDPA) 2023.  When India’s DPDPA passed in August, it created heightened protections for the processing of personal data of children up to […]

The proposed Regulation on Artificial Intelligence (‘proposed AIA’ or ‘the Proposal’) put forward by the European Commission is the first initiative towards a comprehensive legal framework on AI in the world. It aims to set rules on specific AI applications in certain contexts and does not intend to regulate AI technology in general. The proposed […]

The European Union’s (EU) General Data Protection Regulation (GDPR) puts forward a non-exhaustive list of criteria in Article 83 that Data Protection Authorities (DPAs) need to consider when deciding whether to impose administrative fines and in determining their amount in specific cases. Notoriously, the ceiling for administrative fines put forward by the GDPR is high […]

Today, the Future of Privacy Forum released a Report looking into the Strategic Plans for the coming years of seven African Data Protection Authorities (DPAs). The Report gives insight into the activity and plans of DPAs from Kenya, Nigeria, South Africa, Benin, Mauritius, Côte d’Ivoire, and Burkina Faso. It also relies on research conducted across […]

by Rob van Eijk and Gabriela Zanfir-Fortuna On January 28, 2021, the German Federal Ministry of the Interior organized a conference celebrating the 40th Data Protection Day, the date on which the Council of Europe’s data protection convention, known as “Convention 108”, was opened for signature. One of the invited speakers and panelists was Prof. […]