In this week’s Privacy Tracker weekly legislative roundup, read about Smart Dubai’s announcement of a new framework for how government agencies and private partners publish and share data. India’s Information Technology minister has said he expects soon the data protection committee’s report paving the way for a data protection law in the country. In Europe, the Article 29 Working Party has released revised guidance for complying with the EU General Data Protection Regulation. And in the U.S., a Senate committee questioned nominees for the Federal Trade Commission; Colorado is considering a revised breach notification bill and employing blockchain to protect government data; and Nebraska Gov. Pete Ricketts signed into law the Automatic License Plate Reader Privacy Act.
LATEST NEWS
Bahrain’s Cabinet has announced new powers for law enforcement to penalize individuals who publicly post “news, pictures or comments related to the private or family lives of individuals … whenever the purpose is to offend them,” News of Bahrain reports.
More
Smart Dubai has announced data policies that it developed with Supreme Legislation Committee, which sets a framework for how government agencies and private partners publish and share data, ITP.net reports.
More
India’s Information Technology Minister Ravi Shankar Prasad has said the committee on data protection will soon submit its report, but was noncommittal on whether a law will be presented in this session of Parliament, NDTV reports.
More
Israel’s Ministry of Health has released a memo outlining new regulations for data governance in the health sector, BW Disrupt reports.
More
A California Assemblyman has proposed legislation requiring social media companies to obtain clear permission from parents of all minors before allowing them to use the services, the Tribune News Service reports.
More
Capital Public Radio reports that a bill in front of the California Assembly would prohibit marijuana retailers from selling customer data to third-parties without the customer’s consent.
More
Colorado’s Legislature is considering an amended data security and breach notification bill that would require businesses to notify state residents of a breach within 30 of its discovery, The National Law Review reports.
More
Nebraska Gov. Pete Ricketts has signed into law the Automatic License Plate Reader Privacy Act, Omaha World-Herald reports.
More
Oregon Attorney General Ellen Rosenblum testified before the Oregon Senate Judiciary Committee in support of data breach legislation that would give businesses 45 days to report data breaches, Legal Newsline reports.
More
ICYMI
The third installment of the IAPP’s Top 10 operational responses to the GDPR series addresses data protection governance, from appointing privacy leadership — including a data protection officer, when necessary — to developing policies and procedures for data management and training personnel on best privacy practices.
More
In this Privacy Tracker post, Bruno Bioni highlights three topics are on track to heat up the data protection debate in Brazil in the coming year.
More
The CNIL provides a six-step methodology to help put organizations on the path to compliance as they navigate the requirements set forth by the EU General Data Protection Regulation. The IAPP has coupled the recommended steps with tools and guidance available in the IAPP Resource Center.
More
The U.S. Senate Committee on Commerce, Science, and Transportation yesterday brought together President Donald Trump's four nominees to the Federal Trade Commission ahead of a vote on whether to confirm them. Angelique Carson, CIPP/US, has the story in this report for The Privacy Advisor.
More
US
As part of the 2018 National Defense Authorization Act, the inclusion of Article 117a allows the military justice system to prosecute service members for maliciously distributing sexually explicit images, the Army News Service reports.
More
Nextgov reports that although U.S. President Donald Trump’s fiscal year budget for 2019 allocates a 4 percent overall increase to cybersecurity funding, it will also result in an 18 percent cut to the main cyber standards organization, the National Institute of Standards and Technology.
More
A bipartisan bill proposing the use of blockchain technology for governmental data security was introduced in the Colorado Senate last week, StateScoop reports.
More
ASIA-PACIFIC
The first implementation of the new Consumer Data Right is set to take force under the open banking regime, ZDNet reports. Under the Consumer Data Right, individuals are able to access transaction and product usage of data concerning their banking, energy and telecommunications data and are able to control how the data is used and who can have access to it. King & Wood Mallesons published a report with several recommendations, which will undergo a period of public comment until March 23.
More
CANADA
Ontario Information and Privacy Commissioner Brian Beamish is asking the city of Hamilton to reconsider its plan to amend its current laws surrounding CCTVs, Global News reports.
More
The town of Paradise has adopted changes based on recommendations made by Newfoundland and Labrador Privacy Commissioner Donovan Molloy, CBC News reports. Paradise will revise its policies on the retention of election records following an incident where the town council destroyed records that were not covered by the Municipal Elections Act.
More
EUROPE
The Article 29 Working Party has released updated guidelines on automated decision-making, profiling and data breach notification under the EU General Data Protection Regulation.
The Article 29 Working Party, the collection of data protection authorities in the EU, is currently seeking public comment on the Guidelines on Article 49 of the General Data Protection Regulation.
More
The Article 29 Working Party released three working documents Friday, as well as a letter of the Chair to the European Travel Agents' and Tour Operators' Association. Two of the working documents refer to Binding Corporate Rules, one for processors and one for controllers. The third working document focuses on Adequacy Referential.
More