In this week’s global legislative roundup, U.S. citizens’ perceptions of privacy have handcuffed efforts to work on a comprehensive federal privacy bill. The European Data Protection Board issued a binding decision related to a 600,000 euro fine given to a French hotel chain. U.S. Big Tech companies may be gearing up for a legal fight over the EU Digital Markets Act. And Indian Parliament may abandon the creation of an independent data protection authority in a new data protection bill.

The latest

Luxembourg’s National Commission for Data Protection issued a reminder to municipalities regarding the data protection officer requirement under the EU General Data Protection Regulation.
More

The U.K. Information Commissioner’s Office issued a six-step guide for small businesses that receive data protection complaints.
More

The U.S. Federal Trade Commission's Advanced Notice of Proposed Rulemaking for privacy and data security has been filed to the Federal Register, thus opening the 60-day public comment period.
More

Axios reports on how the perceptions of privacy among U.S. residents are hampering U.S. Congress' work on federal privacy legislation.
More

The U.S. National Institute of Standards and Technology is seeking public comments on the second draft of its Artificial Intelligence Risk Management Framework.
More

Enforcement

The European Data Protection Board issued a binding decision under the EU General Data Protection Regulation's Article 65 dispute resolution mechanism related to a 600,000 euro fine handed down by France's data protection authority, the Commission nationale de l’informatique et des libertes.
More

Politico reports U.S.-based Big Tech companies are planning efforts to comply with or challenge the EU More

Asia-Pacific

Australia Attorney-General Mark Dreyfus and Minister for Trade and Tourism Don Farrell jointly announced the country joined the Global Cross-Border Privacy Rules Forum. 
More

Members of Indian Parliament could exclude provisions for a data protection authority when drafting a More

According to Baker McKenzie's Connect on Tech blog, Vietnam's government issued a decree outlining provisions of the Cybersecurity Law. 
More

EU

The European Parliament called for updating the EU Consumer Credits Directive, which would partially entail regulating artificial intelligence-based loan decision-making. 
More

The German state Baden-Württemberg Commissioner for Data Protection and Freedom of Information released a dissenting opinion over a recent decision on data transfers by the Baden-Württemberg Public Procurement Chamber.
More

US

California Privacy Protection Agency Executive Director Ashkan Soltani wrote a letter to U.S. House Speaker Nancy Pelosi, D-Calif., and House Minority Leader Kevin McCarthy, R-Calif., doubling down on its opposition to the proposed American Data Privacy and Protection Act.
More

The New York State Assembly is considering Assembly Bill 10677, which aims to prohibit geofencing that allows advertisers to serve targeted ads that harass abortion seekers and discourage them from going through with abortion services. 
More

Guidance

The Philippines’ National Privacy Commission issued guidance on how the agency issues the Circular on Administrative Fines for data privacy violations. 
More

The Office of the Privacy Commissioner of Canada released the results of its biannual survey gauging organizations' privacy practices and compliance measures. 
More

Latvia's data protection authority, the Data State Inspectorate, published a blog post explaining the role of a More

Slovenia's data protection authority, the Information Commissioner, created an infographic explaining the concept of personal data. 
More

ICYMI

AnJie Law Firm's Samuel Yang, Christopher Fung and Leann Wu explored the potential use of transfer rules from China's National Information Security Standardization Technical Committee and how they may fit Article 38's legal path for transfers through certification measures.
More