Privacy & Cybersecurity Law Blog

On February 5, 2026, the next phase of the UK Data (Use and Access) Act officially came into force, bringing most of its provisions, including the major reforms in Part 5, into effect.

On January 27, 2026, Data Privacy Day, the California Office of the Attorney General announced an investigative sweep into surveillance pricing, a type of algorithmic pricing that uses personal information to set individualized prices, and how such practices may violate the California Consumer Privacy Act.

On January 27, 2026, the Centre for Information Policy Leadership hosted a fireside chat with California Privacy Protection Agency General Counsel Phil Laird in honor of Data Privacy Day.

On January 30, 2026, the Cybersecurity Administration of China released a Q&A document on policies and regulations for the security management of cross-border data transfers. 

On January 20, 2026, the European Commission proposed a comprehensive new cybersecurity package aimed at strengthening the EU’s cybersecurity resilience and enhancing its capacity to manage evolving threats.

The U.S. Supreme Court will soon decide who qualifies as a “consumer” under the federal Video Privacy Protection Act, a 1988 law originally enacted to protect the privacy of individuals’ video rental and purchase records.