![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
Romania has published a draft law to implement the EU General Data Protection Regulation. In the U.K., the High Court has given the government six months to revise the Investigatory Powers Act so it aligns with EU law and the Convention on Human Rights. Tanzania introduced a new law requiring online platforms to get licensed and join a national registry. And in the U.S., the Opioid Crisis Response Act of 2018 passed the Senate Health, Education, Labor and Pensions Committee; Sens. John Kennedy, R-La., and Amy Klobuchar, D-Minn., have introduced the Social Media Privacy Protection and Consumer Rights Act; the Senate confirmed President Donald Trump’s five nominees to the Federal Trade Commission; and Massachusetts Senate passed a bill offering free credit freezes to individuals after a data breach. Read about this and more in this week’s Privacy Tracker weekly legislative roundup.
LATEST NEWS
The European Commission has proposed a legislative package allowing member states to access information held on servers outside the EU, Lexology offers an analysis of the proposal.
More
The European Commission has proposed a new EU-wide whistleblower protection law, establishing safe channels for reporting violations, Diplomatic Intelligence reports.
More
Lexology reports on Romania’s draft law to implement the EU General Data Protection Regulation.
More
The High Court has given the U.K. government six months to amend the Investigatory Powers Act to make it compatible with EU law and the Convention on Human Rights, Public Technology reports.
More
Barley Snyder offers insight on navigating the 50 U.S. state breach notification laws.
More
Lexology offers an analysis of Alabama’s new Data Breach Notification Act.
More
California state Sen. Bill Dodd has introduced a bill that would increase the time consumers have to file claims against companies that have a data breach, the Martinez News-Gazette reports.
More
A California court has certified class action claims under Illinois’ Biometric Information Privacy Act, construing the statute more broadly than courts in Illinois, reports Employment Class Action Report.
More
The Virginia Supreme Court has said that the state’s license-plate reader system may violate the state’s Data Act, WND reports.
More
The Massachusetts Senate passed a bill aimed at protecting consumer information in the case of a data breach, including free credit freezes, Patch.com reports.
More
ICYMI
While the General Data Protection Regulation was designed to harmonize data protection law across the European Union, there are a number of legislative actions that the GDPR requires member states to take, and there are a number of optional powers and authority available to member states to carve out exceptions for or to clarify the GDPR’s rules. In this new white paper developed by the IAPP Westin Research Center's Müge Fazlioglu, CIPP/US, we provide a handy guide to the division between what the member states “shall” and “may” do within the articles of the GDPR.
More
At the IAPP Global Privacy Summit last month, Content Director Sam Pfeifle caught up with Wiley Rein's Kirk Nahra, CIPP/US, who also serves on the IAPP's publications advisory board and has a long history in health care privacy. We asked Nahra what the future likely holds for health care privacy regulation in the U.S. See the answers in this IAPP video presentation.
More
US
The U.S. Senate Health, Education, Labor and Pensions Committee passed the Opioid Crisis Response Act of 2018, with a provision to bring part of the bill in line with the HIPAA Privacy Rule, HealthITSecurity reports.
More
Sens. John Kennedy, R-La., and Amy Klobuchar, D-Minn., have introduced the Social Media Privacy Protection and Consumer Rights Act, The Hill reports.
More
The U.S. Senate has confirmed President Donald Trump’s five nominees to the Federal Trade Commission, The Hill reports.
More
The Federal Trade Commission announced it is accepting comments on the proposed alterations to the system of records notices under the Privacy Act. The FTC made the modifications to give it the ability to share information with other agencies following a data breach.
More
AFRICA
Tanzania has introduced a new law to target online platforms, including blogs, podcasts and streaming content, requiring them to join a national registry and pay a $900 license, VOA reports.
More
ASIA-PACIFIC
Prompted by a series of “major data leaks” involving more than half a million people, Hong Kong Privacy Commissioner for Personal Data Stephen Wong said the office would review the Personal Data (Privacy) Ordinance, the South China Morning Post reports.
More
The Unique Identification Authority of India urged the Supreme Court to test the constitutional validity of Aadhaar, The Times of India reports.
More
EUROPE
The European Union has proposed a law regulating tech companies' relationship with smaller businesses, Reuters reports. The bill specifically targets app stores, search engines, and e-commerce sites and will require them to be transparent about their methods for ranking search engine results and their processes for delisting services.
More