Google received a mixed ruling on a suit alleging the company collected data about people who browsed in “incognito mode.” The federal judge ruled users cannot gain monetary damages on a class-wide basis but did allow the users to proceed with the case to request restricting data collection by Google. In Meta’s case, a federal judge rejected a $37.5 million settlement negotiated by the company and class action lawyers representing an estimated 70 million users. The lawsuit found Meta collected users' IP addresses, revealing general information about location - in violation of a prior privacy policy.

Tanzania recently passed the Personal Data Protection Act and became the fourth East African Community (EAC) country after Kenya, Uganda, and Rwanda to have a data protection law. Privacy advocates welcomed the news but have concerns about some aspects of the bill including whether Tanzania’s yet-to-be-established Data Protection Commission would be able to act impartially, whether data subjects would be given power of consent, and how security breach notifications will be handled. But, nevertheless, it’s viewed as a good step forward.