![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
The U.S. federal government is considering a host of cybersecurity and breach bills while states are pushing forward legislation that includes strengthening breach notification in Washington, increasing DNA collection in Colorado, regulating private drone use in Florida and limiting the retention of surveillance data in Virginia. In Brazil, the consultation period for the country’s draft data protection law has been extended, and in Argentina, there are new regulations on CCTV and do-not-call sanctions. In the EU, there’s been lots of talk about the proposed regulation—when it’s coming, what it will look like and how to prepare. Read about all this and more in this week’s Privacy Tracker legislative roundup.
LATEST NEWS
Argentina recently passed regulations related to CCTV privacy and do-not-call sanctions, Charles Russell Speechlys reports.
Brazil has extended the consultation period on its Preliminary Draft Bill for the Protection of Personal Data, reports Covington Burling’s Inside Privacy.
Human rights organizations are concerned Pakistan’s Prevention of Electronic Crimes Act 2015 threatens privacy and freedom of expression, reports Phys.org.
Mondaq reports the international transfer of Turkish citizens’ personal data is now permissible with data subjects' explicit consent.
Law360 reports that the U.S. Chamber of Commerce urged the Senate to keep data security and breach notification issues separate from its discussion of cyberthreat information-sharing legislation.
U.S. Sens. Roy Blunt (R-MO) and Tom Carper (D-DE) have introduced the Data Security Act of 2015, which aims to establish national standards to help protect consumers from identity theft, reports politicalnews.me.
The California Assembly’s Utilities and Commerce Committee is scheduled to hear AB 886 today, a bill that aims to protect the personal information and credit card data of users of transportation network companies, like Uber, reports PR Newswire.
Colorado is debating a bill that would require individuals convicted of “serious misdemeanors” to provide law enforcement with a DNA sample, reports CBS Denver.
Delaware's Attorney General and lawmakers have released a package of bills aimed at increasing Internet privacy, including a student privacy bill, a social media privacy bill and a bill regulating online advertising to children, reports WDEL.
Florida is considering legislation that would make it illegal to capture images of people on their private property, reports WCTV.
The Texas Senate unanimously passed a revenge porn bill, reports Dallas Observer.
Virginia’s governor has been sent antigovernment surveillance legislation in two forms, one that was unanimously passed by the General Assembly and another that only addresses the retention of license-plate reader data, reports Augusta Free Press.
ICYMI
Jedidiah Bracy, CIPP/E, CIPP/US, writes for Privacy Tracker about the Data Security and Notification Act, including reactions from Laura Moy of New America's Open Technology Institute and DLA Piper Partner Jim Halpert.
Olivier Proust, CIPP/E, writes for Privacy Tracker that it's probably going to take another year for the EU to adopt a General Data Protection Regulation.
U.S.
Sens. Tom Carper (D-DE) and Roy Blunt (R-MO) have introduced new federal data security legislation called the Data Security Act, reports The Hill.
The House Homeland Security Committee unanimously passed the National Cybersecurity Protection Advancement Act of 2015, BankInfoSecurity reports. The bill next goes to the full House of Representatives for a vote as early as this week.
The Christian Science Monitor reports a coalition of 65 cybersecurity professionals and academics have asked Congress to scrap three versions of cyber information-sharing bills due to privacy concerns.
A coalition of business groups has written to House lawmakers urging them "not to drop an amendment to their data security bill that would require third-party vendors to inform affected consumers when they experience a breach," The Hill reports.
A federal judge has denied claims that AMC Networks violated the Video Privacy Protection Act when it shared information about a consumer's visits with Facebook, The Wall Street Journal reports.
The Wall Street Journal reports that the U.S. Supreme Court is set to consider whether businesses can be held liable in civil cases for violating federal statutes when no one is harmed, potentially "opening the floodgates" for future civil litigation.
CANADA
A $750 million national class-action lawsuit has been filed against Bell Canada over "breach of privacy, breach of contract and breach of the Telecommunications Act," The Globe and Mail reports. The Lawyer compiles takeaways from the Office of the Privacy Commissioner's report on Bell's behavioral targeting program.
BC Privacy Commissioner Elizabeth Denham expressed concerns over the Election Amendment Act, or Bill 20, The Vancouver Sun reports.
EU
At last week’s IAPP Data Protection Intensive, there was lots of talk about the proposed General Data Protection Regulation (GDPR). We know it’s coming, and Angelique Carson, CIPP/US, writes for The Privacy Advisor on conference speakers’ insights on what the GDPR might look like and how to prepare for it.
EU Justice Commissioner Vera Jourová is calling for "results by the end of next month in talks to revamp" the EU-U.S. Safe Harbor program, BloombergBusiness reports.
Deutsche Welle reports that Justice Minister Heiko Maas announced new guidelines for data retention in Germany, limiting the retention of Internet and telephone data to 10 weeks and location data to four weeks.