In this week’s Privacy Tracker legislative roundup, take a look at the three bills being considered at the federal level aiming to update the United States’ Electronic Communications Privacy Act and a California bill tackling the same issue at the state level that has garnered lots of support. In Germany, a bill that would extend consumer rights organizations’ ability to sue on behalf of consumers may change the face of privacy enforcement in that country. And in The Netherlands, the lower house has passed data breach notification legislation.

LATEST NEWS

Out-Law.com reports on the potential changes that may come with a German bill to extend consumer rights organizations’ ability to sue on behalf of consumers.

Telecompaper reports, the lower house of the Dutch parliament has approved legislation requiring organizations to report data breaches

ADVERTISEMENT

Syrenis ad, a privacy professional's AI checkilist

Biometric Update reports, the United Arab Emirates intends to establish a free zone for financial services on Al Maryah Island and employee privacy will be a major component of the effort.

Sen. Tom Carper (D-DE) introduced the Cyber Threat Intelligence Sharing Act which would enhance cybersecurity information sharing between the private sector and the Department of Homeland Security, reports The Hill.

Sen. Edward Markey (D-MA) has announced plans to introduce legislation to protect data created by connected cars, reports CQ Roll Call.

A bi-partisan duo introduced to the House the Privacy Notice Modernization Act, which would amend the Gramm-Leach-Bliley Act to require credit unions to send privacy notices to members only when the credit union changes its privacy policy, reports The Hill.

An Arizona House panel has advanced the revised version of a revenge porn law previously opposed by civil liberties groups, reports Arizona Daily Sun.

The Charlotte Observer reports, the Arizona Senate is debating two surveillance related bills. One that would bar state or local government officials from helping gather computer tracking data for a federal agency and the other would require federal agencies to get permission from local sheriffs before conducting searches or arresting individuals in most cases.

California Assemblywoman Marie Waldron (R-Escondido) has proposed a bill to create a taskforce to assure the state’s needs are met as the Federal Aviation Administration devises plans to deal with commercial drone use, U-T San Diego reports.

Following the Anthem hack, Connecticut’s Democratic Senate leaders proposed a bill requiring insurance companies operating in the state to encrypt all personal information they store and transmit, Amity Observer reports.

Florida is considering a bill that would allow individuals to designate another to handle all digital assets and communications after their death, reports SecureIDNews.

A Florida bill aiming to legislate police use of body worn cameras is under fire for not considering the privacy of officers and civilians, Miami Herald reports.

Minnesota Judiciary Committee Chairman Ron Latz (DFL-St. Louis Park) has blocked from his committee a well-supported bill that would amend the state’s Constitution to include digital data in items protected from warrantless searches, reports StarTribune.

New Mexico State Rep. Bill Rehm (R-Bernalillo) has introduced an amended breach notification bill after the one he proposed last year was shot down, reports SC Magazine.

A New York City Council member intends to introduce legislation this week to require the Taxi and Limousine Commission to create a set of privacy policies for ride-hail companies in the city, reports BuzzFeed.

Both houses of the Washington state legislature are considering revenge porn bill that include civil liability, reports Kitsap Sun.

ICYMI

In this second Privacy Tracker post analyzing Canada's proposed Anti-Terrorism Act 2015, Timothy Banks, CIPP/C, of Dentons Canada looks at the Secure Air Travel Act, which "amends Canada's Passenger Protect Program and is a direct response to concerns about individuals departing Canada to engage in activities that promote terrorism abroad.”

U.S.

ECPA Reform in the U.S.

The Hill reports on three bills currently in front of Congress that aim to update the Electronic Communications Privacy Act:

  • The Email Privacy Act: Introduced by Reps. Kevin Yoder (R-KS) and Jared Polis (D-CO) this bill has broad support from lawmakers, and would require law enforcement to get a warrant before accessing emails older than 180 days.
  • The Law Enforcement Access to Data Stored Abroad Act: This bill introduced by Sen. Orrin Hatch (R-UT) would require law enforcement to obtain a warrant to access emails older than 180 days and would also allow the government to use a warrant to get access to Americans' data stored overseas.
  • The Online Communication and Geolocation Protection Act: Co-sponsored by Rep. Zoe Lofgren (D-CA), this bill would update ECPA to require a warrant for obtaining online communications and geolocation data.

Meanwhile, California is tackling the problem on the state level:

California Sen. Mark Leno (D-San Francisco) has introduced CalECPA which would impose a warrant requirement for police to access citizens’ e-mail or social media messages as well as to inspect their electronic devices, Sputnik News reports. The bill has the support of the Center for Democracy and Technology, the Electronic Frontier Foundation, the California ACLU and the tech industry

The Privacy Advisor reports on a House of Representatives committee hearing on improving existing federal student privacy law, featuring testimony from industry, academia, advocacy and school practitioners.

EU

BBC News reports, MEPs have "agreed to work towards a deal to share airline passenger data" before the year's end.

EurActiv reports MEPs approved a law allowing member states "to share information on car registries."

The Article 29 Working Party has told the European Commission that it supports a broad definition of health data, distinguishing the following three categories: Data is inherently/clearly medical data; data is raw sensor data that can be used in itself or in combination with other data to make conclusions about a person's health status or risk, or conclusions are drawn about a person's health status or risk., National Law Review reports.