The Lower House in The Netherlands has shelved its proposed data retention law until the next government takes over. The U.K. is looking for input on its implementation of the General Data Protection Regulation. The Article 29 Working Party has released revised guidance on the GDPR and weighed in on the proposed ePrivacy Regulation. And in the U.S., the response to the rollback of Federal Communications Commission broadband privacy rules continues in states and with a proposal in the U.S. Senate that would make way for the Federal Trade Commission to become the regulator of ISP privacy and data security. Read about this and more in this week’s Privacy Tracker legislative roundup.
LATEST NEWS
Telecompaper reports that the Lower House of The Netherlands’ Parliament has shelved the proposed data retention bill to be addressed by the incoming government.
More
Law360 reports that U.S. Sen. Richard Blumenthal, D-Conn., introduced a bill that would allow the Federal Trade Commission to create and enforce privacy and data security rules for internet service providers.
More
The Journal reports, California Assemblyman Jim Cooper, D-Elk Grove, has withdrawn a controversial bill that would have provided a student exclusion to the California Electronic Communications Privacy Act.
More
The Union-Bulletin reports, Oregon lawmakers have approved legislation to protect the privacy individuals legally purchasing marijuana products from dispensaries.
More
Virginia has responded to W-2 Form phishing attacks by amending its data breach notification law to require all employers and payroll service providers to notify the Virginia Attorney General if they are subject to a breach of payroll data.
More
Washington state lawmakers have passed out of the House Technology and Economic Development Committee a bill to protect online privacy after the rollback of the FCC broadband privacy rules, reports the Seattle Times.
More
The Wisconsin Senate has unanimously approved a bill that would require ISPs to get customers’ consent before collecting certain personal information, Wisconsin Public Radio reports.
More
ICYMI
Last week, the Article 29 Working Party adopted revised versions of its guidance on data protection officers, the right to data portability, and identifying a lead supervisory authority under the GDPR. IAPP Westin Research Fellow Cobun Keegan, CIPP/US, CIPM, writes for Privacy Tracker, that the revisions provide a few significant clarifications.
More
The European Parliament’s civil liberties committee held its first major hearing on the ePrivacy Regulation and whether it’s necessary in light of the GDPR. The hearing brought together representatives from the commission, industry, civil society, data protection authorities and academia. EU correspondent Jennifer Baker was there and has the story in this exclusive for The Privacy Advisor.
More
IAPP Westin Fellow Calli Schroeder, CIPP/US, CIPM, summarizes the Article 29 Working Party’s proposed guidelines on data protection impact assessments in this post for Privacy Tracker.
More
US
A letter signed by 50 House Republicans asks the Federal Communications Commission to monitor internet service providers on privacy issues after the agency’s broadband privacy rules were repealed, The Hill reports.
More
As Federal Communications Commission Chairman Ajit Pai prepares to roll back the agency's net neutrality rules, on the heels of the controversial farewell to its broadband privacy regulations, privacy advocates prepare for a second phase in the battle for online privacy protections, The Hill Reports.
More
The U.S. Department of Commerce's International Trade Administration has released an FAQ sheet for the Swiss-U.S. Privacy Shield agreement.
More
The Nevada state legislature has begun considering Republican Governor Brian Sandoval's $3.5 million request to bolster state cybersecurity in the next two years, the Associated Press reports.
More
The Oregon House of Representatives has voted "overwhelmingly" in favor of House Bill 2090, one that would allow the attorney general to take enforcement action against those companies who store, collect, delete or share customer data differently than outlined in their privacy policy, NewsChannel 21 reports.
More
ASIA PACIFIC
Australia’s mandatory data retention framework went into effect last week, prompting privacy advocates to mark the day as the "National Get a VPN Day," CNet reports.
More
The Australian Communications and Media Authority has tightened the rules for researchers looking to access the national database of telephone numbers, the Public Number Database, PSNews.au.co reports.
More
CANADA
Alberta Information and Privacy Commissioner Jill Clayton has said changes are needed to the province’s Freedom of Information and Protection of Privacy law in order for her office to do its job, The Calgary Herald reports.
More
The Canadian Bar Association National Privacy and Access Section Vice-Chair Suzanne Morin discussed the CBA's submission commenting on the parliamentary review of the Personal Information Protection and Electronic Documents Act, National Magazine reports.
More
EUROPE
The Article 29 Working Party has issued its opinion on the proposed ePrivacy Regulation, saying "it welcomes the proposal" and "the choice for a regulation as the regulatory instrument"; however, it did have four points of "grave concern
More
The Data Protection Commissioner of Ireland has released her annual report for 2016, which highlights "key developments and activities for the Office for the last year, together with the priorities for 2017 and beyond."
More
The U.K. government has officially called for views on the General Data Protection Regulation, which will go into effect in the country on May 25, 2018. The consultation extends through May 10 at 6 p.m.
More
The U.K. Information Commissioner’s Office announced two senior appointments: Paul Arnold has been named the ICO’s new deputy chief executive officer, and James Dipple-Johnstone has taken on the role of deputy commissioner – operations.
More