In this week's global legislative roundup, Goodwin Partners Gabe Maldoff and Omer Tene break down France's data protection authority, the Commission nationale de l'informatique et des libertés, new guidance on processor's reuse of data. Austria's DPA said using Google Analytics violates the EU General Data Protection Regulation. The Digital Markets Act trilogues began and, in the U.S., a number of state privacy laws were introduced.

The latest

In response to the Privacy Act Review Discussion Paper by the Attorney General’s Department, the Office of the Australian Information Commissioner released recommendations on potential privacy reforms.
More

A constitutional amendment proposed in Maine would add privacy as a natural right and require a warrant before law enforcement can seize electronic data or communications, the Portland Press Herald reports.
More

Virginia lawmakers will consider bills that would amend the Virginia Consumer Data Protection Act prior to its Jan. 1., 2023, enactment, according to Husch Blackwell's "Byte Back."
More

ICYMI

Goodwin Partners Gabe Maldoff and Omer Tene provided an analysis of France's data protection authority, the Commission nationale de l'informatique et des libertés, new guidance on the reuse of personal data by processors for their own purposes under the EU General Data Protection Regulation. 
More

Enforcement

Austria's Data Protection Authority ruled the use of Google Analytics violates the EU GDPR, Euractiv reports.
More

Norway's DPA, Datatilsynet, fined Elektro & Automasjon Systemer NOK 200,000 for conducting a credit assessment without a processing basis as required under the Privacy Ordinance.
More

Norway's Datatilsynet also fined the Østre Toten municipality DKK 4 million following a January 2021 data breach that exposed approximately 30,000 documents containing sensitive data about residents and employees.
More

Europol said the European Data Protection Supervisor’s order that it delete data of individuals not linked to a criminal activity jeopardizes investigations, Politico reports.
More

U.S. Federal Communications Commission Chairwoman Jessica Rosenworcel proposed increased data breach reporting requirements for internet service providers, Nextgov reports. 
More

Asia-Pacific

India's Ministry of Electronics and Information Technology is preparing a note on the Personal Data Protection Bill for consideration by cabinet ministers, Inc42 reported.
More

Europe

The European Data Protection Supervisor sanctioned the European Parliament for violating regulations on data transfers and cookie consent, TechCrunch reported.
More

European Parliament, the European Commission and the Council of the European Union commenced final negotiations for the passage of the Digital Markets Act.
More

U.S.

According to a blog post from Shook, Hardy & Bacon Partner Al Saikali, CIPP/E, CIPP/US, CIPT, FIP, PLS, state Sen. Jennifer Bradley, R-Fla., reintroduced the Florida Privacy Protection Act.
More

A constitutional amendment proposed in Maine would add privacy as a natural right and require a warrant before law enforcement can seize electronic data or communications, the Portland Press Herald reports.
More

Several privacy bills were raised during the opening of the Washington State Legislature.
More

U.S. Sens. Bill Cassidy, R-La., and Ray Lujan, D-NM, along with Rep. Lori Trahan, D-Mass., introduced the Terms-of-service Labeling, Design and Readability Act.
More

Reuters reports the U.S. Chamber of Commerce sent a letter to members of Congress on the need to pass federal privacy legislation.
More

Privacy operations management

The Turkish data protection authority, Kişisel Verileri Koruma Kurumu, is seeking feedback on a newly released draft guide for data controllers processing personal data through cookies.
More