Internet connectivity across Cameroon has been severely disrupted since October 23, 2025, leaving millions offline. This outage coincides with escalating protests and political tensions following the disputed October 12 presidential election, where incumbent Paul Biya is poised for re-election.
China's Cyberspace Administration and State Administration for Market Regulation have jointly issued new Measures for Certification of Cross-Border Personal Information Transfer, effective January 1, 2026. These measures complete the regulatory framework under the Personal Information Protection Law, offering a new compliance pathway for businesses transferring personal data overseas.
The Hungarian Supreme Court, known as the Kúria, has issued a significant judgment confirming the limited liability of online platform service providers. This ruling, grounded in the E-Commerce Act and the Digital Services Act, clarifies that platforms are not objectively liable for unlawful content posted by users, provided they lack actual knowledge or act promptly upon notification.
The European Court of Human Rights has ruled that Turkey violated the rights of prominent Kurdish politician Aysel Tuğluk, citing unlawful detention and infringement of freedom of expression. The court found her 2016 pre-trial detention was politically motivated and ordered compensation.
The French port city of Calais initiates the EU's Entry/Exit System (EES) on October 12, marking a shift to digital border checks for non-EU travelers. The system, collecting biometric data, aims to enhance security and streamline crossings, with a gradual implementation to mitigate initial delays.
Austria's data protection authority has found that Microsoft 365 Education illegally tracked students using cookies without consent and failed to provide data access, violating EU privacy laws. The ruling, stemming from a NOYB complaint, orders Microsoft to clarify data use and grant access.
The European Parliament has voted to maintain the parliamentary immunity of Italian MEP Ilaria Salis, rejecting Hungary's request to lift it. The narrow vote, 306 to 305, allows Salis to retain her protection despite charges of attempted assault in Budapest.
Luxembourg has unveiled a draft law to modernize its 1991 media legislation, extending regulations beyond traditional broadcasters to encompass written press, influencers, and podcasters. The reform, presented by Minister Delegate for Media Elisabeth Margue, aims to adapt to the evolving digital landscape and ensure consistent rules across all content platforms. The current regulatory body, ALIA, will be rebranded as the Luxembourg Independent Media Authority (ALIM) with expanded powers.
Estonia is set to be among the first EU member states to fully implement the new digital Entry/Exit System (EES) from October 12, 2025. This automated IT system will register third-country nationals entering the Schengen area, replacing manual passport stamping with biometric data collection to enhance border security and efficiency.
The UK government has announced new powers for police to restrict repeated protests, allowing them to consider the cumulative impact of demonstrations. Home Secretary Shabana Mahmood stated the changes, made via amendments to the Public Order Act 1986, aim to balance protest rights with public safety, following recent disruptive events.
An Idaho judge ruled on October 1, 2025, to block the full release of graphic crime scene photos from the Bryan Kohberger case. Citing privacy concerns for the victims' families, Second District Judge Megan Marshall ordered the city of Moscow to redact images showing victims' bodies or blood, while allowing other investigative records to be released.
Italy has become the first EU country to enact its own national AI law, approved by the Senate on September 17, 2025. The legislation aligns with the EU AI Act but introduces stricter provisions, including criminal penalties for AI misuse, parental consent for minors, and enhanced workplace regulations, aiming for human-centric, transparent, and safe AI use.
Nigeria's National Data Protection Commission (NDPC) has collaborated with Mastercard to enhance data privacy within the country's financial sector. Mastercard has enrolled its Nigerian employees in the NDPC's Virtual Privacy Academy, an initiative aimed at strengthening compliance and promoting responsible data practices across Africa's digital economy. The partnership addresses rising data breach concerns in Nigeria.
The European Court of Human Rights has permitted Austria to deport a 19-year-old Syrian man, lifting a previous injunction. The decision, announced on September 24, 2025, follows the man's convictions for crimes including shoplifting and unarmed robbery. Human rights organizations have criticized the ruling, citing the unstable security situation in Syria and the potential for human rights violations.
A European Parliament committee has rejected Hungary's request to lift the parliamentary immunity of opposition leader Péter Magyar. The decision by the Legal Affairs Committee protects Magyar from charges including alleged mobile phone theft and defamation, drawing strong criticism from Hungarian Prime Minister Viktor Orbán.
Automaker Stellantis has announced a data breach impacting its North American customer service operations, including Canada. The incident involved unauthorized access to a third-party service provider's platform, exposing basic contact information. The company has initiated response protocols and is notifying affected customers.
Mexican civil society organizations, including R3D and Article 19, have voiced strong concerns over a package of privacy-invasive surveillance laws passed in July 2025. Critics argue the legislation, dubbed 'Ley Espía,' enables mass surveillance through biometric IDs and broad data access without sufficient judicial oversight, calling for international attention.
Facebook is distributing payments to users who filed claims in the $725 million privacy settlement, stemming from allegations of improper data sharing. Approved claimants will receive emails with payment details, and the amount received will depend on the length of their Facebook usage during the covered period, with payments expected to continue over the next several weeks.
A federal jury in San Francisco has ruled that Google must pay $425.7 million for improperly tracking users' smartphones over a nearly ten-year period, affecting about 98 million devices. While the company denies wrongdoing, claiming its privacy tools respect user choices, attorneys involved in the case view the outcome as a significant victory for privacy rights.
A journalist received an encrypted message leading to a website that exposed the Spotify listening habits of public figures, revealing their personal data. The site, initially amusing, raised privacy concerns when the journalist found their own information included, highlighting the potential for widespread data exposure.
