In this week’s global legislative roundup, India prepares a new data protection bill ahead of Parliament’s Budget Session in January. European Data Protection Board Chair Andrea Jelinek touted the cross-border cooperation among national data protection authorities. Stakeholders outline their positions on the proposed American Data Privacy and Protection Act. And Norway’s data protection authority takes issue with the Irish Data Protection Commission’s draft decision on Meta’s EU-U.S. data transfers.
The Latest
The Hindu reports Indian Minister of Railways, Communications and Electronics and Information Technology Ashwini Vaishnaw indicated a fresh data protection bill will be published for public comments soon and hopefully be tabled during Indian Parliament's Budget Session in January 2023.
More
In an interview with Netzpolitik, European Data Protection Board Chair Andrea Jelinek defended harmonized enforcement of the EU General Data Protection Regulation, saying authorities have "very good and unexcited, cross-border cooperation."
More
The U.S. Federal Trade Commission filed a lawsuit against Kochava over its alleged sale of geolocation data that can be used to track individuals to sensitive locations.
More
Forty-eight advocacy groups joined on a letter asking U.S. House Speaker Nancy Pelosi, D-Calif., to consider and pass the proposed American Data Privacy and Protection Act.
More
Enforcement
The Office of Information and Privacy Commissioner of British Columbia published its 2021-2022 annual report.
More
The Office of the Information and Privacy Commissioner of Saskatchewan announced updates to its rules of procedures for processing reviews and investigations related to access to information requests and privacy complaints will take effect Sept. 1.
More
The U.S. Department of Health and Human Services Office for Civil Rights fined New England Dermatology and Laser Center $300,640 for violating the Health Insurance Portability and Accountability Act Privacy Rule.
More
Africa
Kenya created a requirement for startups that process personal data to register with the Office of the Data Protection Commissioner, PYMNTS.com reports.
More
Asia-Pacific
Turkey’s data protection authority, the Kişisel Verileri Koruma Kurumu, published draft guidelines for the processing of genetic data.
More
EU
The Czech Presidency of the Council of the European Union released its latest compromise text for the proposed Data Act, Euractiv reports.
More
Politico reports Norway's data protection authority, Datatilsynet, is among the authorities objecting to the Irish Data Protection Commission's draft decision over Meta's EU-U.S. data transfers.
More
US
The California Senate amended Assembly Bill 2273, the California Age-Appropriate Design Code, on third reading.
More
Guidance
The Office of the Data Protection Authority of Guernsey published a guide for applying the seven principles of the Data Protection Law 2017 to employee privacy.
More
ICYMI
While China has pursued passing multiple data security laws in recent years, cross-border data sharing rules are still being finalized. Mastercard Senior Vice President, Assistant General Counsel for Privacy and Data Protection Derek Ho, CIPP/US, CIPM, and Senior Counsel Mandy Zhu, CIPP/A, CIPP/E, CIPP/US, CIPM, CIPT, FIP, explain how some details trickling out are familiar, while others raise questions and contain implications to ensure compliance.
More
Two years removed from the Court of Justice of the European Union’s invalidation of Privacy Shield, a legal framework for lawful EU-U.S. data transfers is still in the works. Journalist Luca Bertuzzi reports on the reasons behind the data localization push.
More
California Attorney General Rob Bonta announced the first enforcement action under the California Consumer Privacy Act, a $1.2 million settlement with multinational retailer Sephora over violations of the law's "Do Not Sell" provisions. IAPP Staff Writer Joe Duball has details from the attorney general's announcement and reactions to the enforcement milestone.
More
