Employee monitoring continues to attract attention, with Denmark’s regulator taking a strong stance on covert recording and issuing guidance on when audio or video monitoring can and cannot be justified. Enforcement trends also remain strong across the EU, with Polish courts issuing fines for inadequate security and Germany’s Federal Labour Court clarifying how fines should be assessed.

Privacy reform is also accelerating globally, including New Zealand’s Privacy Amendment Act 2025 and new Biometric Processing Privacy Code, Chile’s updates to personal data and labour rules, India’s rollout of its digital data protection law, Sweden’s proposal to align with the EU AI Act, and Ireland’s designation of competent authorities under that Act.

Cybersecurity remains under the spotlight, illustrated by Singapore’s significant penalty after a personal data breach. Elsewhere, the EU has unveiled its Digital Omnibus package, proposing legislative changes spanning cybersecurity, AI, and data laws.

Finally, this edition also reviews practices involving employee data processing, background checks, and public displays of employee details, with monitoring and surveillance becoming recurring themes alongside the principles of proportionality, transparency, and data minimisation.