In this week’s Global News Roundup, Concerns emerged over surveillance in Bangladesh’s draft Data Protection Act. European Parliament is at odds over prohibited uses of artificial intelligence technology in the proposed AI Act. And the heads of several encrypted chat apps wrote to the U.K. government to abandon plans that may compromise end-to-end encryption in the proposed Online Safety Bill.
The Latest
India's Minister of State for Electronics and Information Technology, and Skill Development and Entrepreneurship Rajeev Chandrasekhar said data localization provisions were changed in the recent version of the proposed Digital Personal Data Protection Bill.
Revised text of the EU's AI Act indicates stricter proposed rules for "foundation model" systems, including generative AI systems like ChatGPT.
Israel's Constitution, Law and Justice Committee will discuss an amendment to the Privacy Protection Law to prevent Israel from being denied EU adequacy.
Spain’s data protection authority, the Agencia Española de Protección de Datos, published a list of public administrations "sanctioned" for failure to uphold citizens' rights to data protection.
Enforcement
Hong Kong's Office of the Privacy Commissioner for Personal Data arrested a 27-year-old woman on doxxing charges after she allegedly posted another individual's personal details on a social media platform in violation of the Personal Data (Privacy) Ordinance.
Italy's data protection authority, the Garante, fined a digital marketing services company 300,000 euros for allegedly illegally processing users' personal data for marketing purposes.
The U.K. Information Commissioner's Office reprimanded Surrey and Sussex police for using an app that recorded and automatically saved more than 200,000 phone calls without individuals' knowledge.
Asia-Pacific
Salinger Privacy Principal Anna Johnston, CIPP/E, CIPM, FIP, called for strengthening the Australian Privacy Act's definition of "personal information."
Transparency International Bangladesh raised concerns around surveillance and implementation of the draft Data Protection Act.
Vietnam's government published a Decree on Protection of Personal Data, effective 1 July.
Europe
The European Commission announced the adoption of a proposal for the EU Cyber Solidarity Act.
The EU Council circulated a third draft of compromise text for updating the Product Liability Directive.
European Parliament's position on the proposed Artificial Intelligence Act is stuck on prohibited uses of AI-powered technologies.
A European Parliament-commissioned impact assessment questioned several aspects of the European Commission's proposed legislation on child sexual abuse material.
U.K. Minister of State in the Department for Science, Innovation and Technology Julia Lopez presented the proposed Data Protection and Digital Information Bill for its second reading in the U.K. House of Commons.
U.K. Parliament is taking written comments from those with "expertise and experience or a special interest" concerning the proposed Data Protection and Digital Information Bill.
The heads of multiple encrypted chat apps, including WhatsApp and Signal, wrote a letter to the U.K. government claiming the proposed Online Safety Bill would “in effect outlaw end-to-end encryption.”
US
U.S. Reps. Anna Eshoo, D-Calif., and Zoe Lofgren, D-Calif., refiled the Online Privacy Act.
U.S. Rep. Kathy Castor, D-Fla., said she plans to reintroduce the Protecting the Information of our Vulnerable Children and Youth Act, known as the Kids PRIVCY Act.
Gov. Spencer Cox, R-Utah, signed Utah House Bill 343, a bill concerning privacy practices for government records, into law 14 March.
Washington state's House voted 57-40 for concurrence and final approval of House Bill 1155, the My Health My Data Act.
Guidance
Denmark's data protection authority, Datatilsynet, published a questionnaire circulated to gauge competencies of municipal data protection officers.
Ireland’s Data Protection Commission published a guidance note to assist data controllers in compliance with Article 30 of the EU General Data Protection Regulation, which requires a maintained record of processing activities.
The DPC also published four guides for parents on children's data protection rights under the GDPR.
Italy's data protection authority, the Garante, published an information page on dark patterns.
Lithuania's State Data Protection Inspectorate announced the results of its review of data protection officer requirements under the GDPR.
Spain's data protection authority, the Agencia Española de Protección de Datos, issued guidelines to aid public administrations' data protection impact assessments on proposed legislation.
The U.K. National Cyber Security Centre created guidance for implementing data-driven cybersecurity.
New York Attorney General Letitia James published a guide with recommendations to help businesses prevent data breaches and protect consumers' personal information.
ICYMI
Standard contractual clauses remain a top international data transfer mechanism across the globe with at least 20 draft contract templates covering 71 countries. The IAPP Research and Insights team constructed an infographic to depict the specific jurisdictions, such as Brazil and the Europe Economic Area that rely on SCCs.
State legislatures in Montana and Tennessee granted final passage to comprehensive state privacy bills that now await a governor's signature. IAPP Staff Writer Joe Duball breaks down both pieces of legislation before they're signed into law.
