![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
The EU General Data Protection Regulation is now law after being passed last week by Parliament, and in this week’s Privacy Tracker legislative roundup, you can read all about it. Also, the Article 29 Working Party weighed in on the proposed EU-U.S. Privacy Shield, and the European Court of Justice is expected to rule on U.K. surveillance laws this week. Norway’s DPA has issued guidance on breach notification; a potential ban on calling existing clients in Hong Kong has some telemarketers concerned and GPEN announced it will focus on the Internet of Things in this year’s privacy sweep. In the U.S., the Email Privacy Act passed the House Judiciary Committee, a new Washington law establishes a state privacy office and Colorado’s student privacy bill has gained the unanimous support of the House Education Committee.
LATEST NEWS
Privacy This Week reports, Norway’s data protection authority has recommended that data controllers “voluntarily provide individualized information when a breach occurs,” indicating that it may order them to do so otherwise.
Morning Consult reports that a bill in front of a House panel aims to help police find victims of kidnappings by adding some exceptions to privacy rules for telecommunications providers. The bill is raising privacy concerns for some advocates.
A Colorado student privacy bill has received unanimous support from the House Education Committee, reports Chalkbeat.
The Rhode Island Supreme Court has ruled for personal privacy over information access in denying a request to access details of a case in which the former governor pleaded guilty to giving alcohol to minors, reports the Associated Press.
Washington Gov. Jay Inslee signed into law a bill establishing a state Office of Privacy and Data Protection. University of Washington Technology Law and Public Policy Clinic students have been helping lay the foundation for the work of the new office.
ICYMI
In this post for Privacy Tracker, Jedidiah Bracy, CIPP/E, CIPP/US, culls together reaction on the European Union’s new privacy law from GDPR shadow rapporteur Jan Philipp Albrecht, the European Commission, and others.
To help the world prepare for the GDPR, now that it has passed, the IAPP for the next month has lifted the member gate on our “EU Data Protection Reform” landing page, so that it can be shared with colleagues and accessed by anyone looking for information.
IAPP Westin Fellow Anna Myers, CIPP/US, offers this in-depth study examining the U.S. Federal Trade Commission’s Safe Harbor enforcement record for practices and trends that may inform its efforts under the new Privacy Shield.
Jedidiah Bracy, CIPP/E, CIPP/US, reports on the details the Article 29 Working Party’s opinion of the proposed Privacy Shield arrangement for Privacy Tracker.
U.S.
Morning Consult reports, the Email Privacy Act has been unanimously approved by the House Judiciary Committee.
Legislators hope to alter language in the Federal Aviation Administration’s reauthorization bill to include greater wiggle room for state-based influence, arguing that the federal government isn’t best poised to regulate drones, The Hill reports.
ASIA PACIFIC
A potential ban in Hong Kong on calling existing clients has telemarketers worried, The Standard reports.
ABC reports on new Australian Capital Territory legislation allowing employers to watch their employees outside of the workplace if there’s suspicion of unlawful activity tied to their job.
In a report for Out-Law.com, technology law specialist Bryan Tan discusses new guidelines in Singapore designed to help cloud providers and their business clients handle data breaches while following the country’s data protection regime.
CANADA
In a column for IT World Canada, Howard Solomon discusses the proposed federal data breach notification bill. The comment period on the bill will be open until the end of May.
The Global Privacy Enforcement Network will focus their 2016 Global Privacy Sweep around the Internet of Things, the Office of the Privacy Commissioner of Canada reports.
The chief judge of the Provincial Court of British Columbia wants information on individuals who were ultimately not convicted of a crime made unavailable in the Court Services Online database after 30 days, The Globe and Mail reports.
CBC News reports that Nova Scotia’s Justice Department is drafting a new cyberbullying bill to replace the one struck down last year by the Nova Scotia Supreme Court.
EUROPE
The European Parliament approved the EU Passenger Name Record bill last Thursday after five years of discussion, EUobserver reports.
The European Commission is currently seeking feedback from stakeholders on the current text of the ePrivacy Directive and the potential changes it faces.
The European Court of Justice will rule on the legality of U.K. surveillance laws, like the Data Retention and Investigatory Powers Act this week, the Guardian reports.