In April, the Information Regulator published amendments to the Protection of Personal Information Act (POPIA) Regulations, significantly enhancing privacy protections for South Africans. These changes simplify the processes for objecting to data processing, requesting corrections or deletions, and obtaining consent for direct marketing. They also introduce new responsibilities for information officers and allow for administrative fines to be paid in installments.

On 12 February 2025, the Cyberspace Administration of China (CAC) issued the Measures for the Administration of Personal Information Compliance Audit (“Audit Measures”), which will take effect from 1 May 2025. The draft of the Audit Measures was first released for solicitation of public comments on 3 August 2023, and it took a year and a half for CAC to finalize the Audit Measures. In the final version of the Audit Measures, there are a few notable changes compared with the draft version, which reflect the evolving and more relaxed data protection regulatory stance of the CAC.

The proposed amendments to the Consumer Protection Act Regulations in South Africa aim to enhance consumer privacy by regulating direct marketing practices. Open for public comment until 15 January 2025, these changes focus on creating an opt-out registry managed by the National Consumer Commission, allowing consumers to block unsolicited electronic communications. Direct marketers will be required to register, renew annually, and cleanse their databases regularly to comply with the new rules. The amendments also introduce enforcement mechanisms for non-compliance and align with the Protection of Personal Information Act, ensuring comprehensive consumer protection against unwanted marketing.