Mongolia: Probably not the first country that springs to mind for any reason, let alone when considering data protection, privacy and consent. Yet as Mongolia launches its Law on Personal Data Protection, it joins the vast majority of the world in upholding digital privacy and safeguarding personal data in an increasingly global and interconnected digital world. It’s also a milestone in terms of moving data and privacy in the right direction in less (digitally) developed countries and in forging the principle of privacy as a component of human rights.
According to the 2025 Thales Digital Trust Index, trust in digital services has dropped across nearly every sector over the past year, with not a single industry reaching 50% trust among consumers. And financial services – while leading the pack at 44% — still didn’t come out well in terms of consumer trust.
Germany, known as one of the most data privacy-obsessed countries in Europe, is trying out a different approach to cookie consent. On 1 April 2025, a new consent regulation, the Consent Management Ordinance (or EinwV), took effect, which aimed to make cookie consent more user friendly while preserving data privacy. No easy feat, given the often confusing challenges of GDPR.
The gulf between consumer trust and businesses is growing as data breaches, poor and opaque data handling, and privacy violations make headlines. Businesses, despite best intentions, seem almost as puzzled by data protection and privacy concerns and solutions as consumers are, and indeed, often fail to see the big picture in terms of cybersecurity threats they face. This can lead to a worrying tendency: organizations “cyberwash” their cybersecurity and privacy approaches, leading not only to further erosion in consumer trust but to real financial and compliance consequences.
The data protection and privacy landscape is increasingly challenging for businesses and their digital marketing efforts. Most companies are familiar with GDPR and CCPA and similar measures to protect data and give consumers control over the data they share. And the European Union is in the process of introducing simplifications to GDPR to make the compliance burden easier for businesses trying to maintain their competitive edge. But, at the same time, privacy law is many tentacled and more than just GDPR. In the convoluted world of using the law creatively, enterprising law firms have applied existing, older laws to contemporary data protection problems to introduce lawsuits claiming that modern marketing tools, like pixels, cookies and chatbots, constitute violations of a variety of invasion of privacy statutes.
The California Consumer Privacy Act (CCPA) is a comprehensive data privacy law that enhances the privacy rights and consumer protections for residents of California, USA. It aims to give California residents more control over their personal information collected by businesses and imposes stringent obligations on businesses to ensure data protection. For a more detailed exploration of which businesses the CCPA applies to and the specific criteria involved, you can delve deeper into the topic here or get more information directly from the Department of Justice.
Quebec’s Law 25, formerly known as Bill 64, marks a significant change in the province’s approach to data privacy. Enacted by the Quebec National Assembly in September 2021, the legislation aims to modernize privacy regulations and reinforce the protection of personal data held by private sector organizations and public sector bodies.
Data privacy laws may have started out as a way to help secure high-risk activities such as banking and healthcare, but they now cover everything from day-to-day shopping to streaming services. While that’s undoubtedly a positive thing for customers, when it comes to the businesses serving these customers, staying data-compliant can get very tricky, very quickly.
New guidelines from the Italian data protection authority went into effect on January 9, 2022, and these impact any website that uses cookies. The new guidelines were announced last summer and authorities granted website managers a six-month period to learn about the new rules and make adjustments. With the new privacy rules now in effect, website managers need to get on board and understand these regulations and adapt to them.
When browsing the internet, it’s highly likely that you’ve encountered countless pop-up windows or banners that state the use of cookies and a request for the end-user to allow cookies. This is because of the privacy protection regulations implemented in recent years (i.e. the EU cookie law-2009 ePrivacy Directive and the GDPR), for the purpose of protecting individuals. These recorded consents serve to protect the marketers and companies from legal ramifications.
©2025 CookieHub ehf.
