In this week’s Privacy Tracker weekly roundup, read about Singapore’s draft Healthcare Services Bill, which would restrict the sharing of health data stored in the National Electronic Health Records database. In the U.K., an amendment has been added to the data protection bill to provide relief to security researchers, and the Information Commissioner’s Office recently issued fines for nuisance marketing, lax security and the use of private detectives by an insurance company. In the U.S., Congress extended Section 702 of the Foreign Intelligence Surveillance Amendments Act; two senators introduced the Data Breach Prevention and Compensation Act, which would set mandatory penalties for data breaches at credit reporting agencies; the Connecticut Supreme Court has established a right to medical privacy; and lots more.
LATEST NEWS
BNA reports, the Council of the European Union will open negotiations with the European Parliament on a new law to ease the flow of non-personal data in an effort to the region’s digital single market.
More
Telecompaper reports that the Dutch data protection authority has appointed four new directors.
More
Singapore’s draft Healthcare Services Bill would restrict the sharing of health data stored in the National Electronic Health Records, reports Straits Times.
More
The U.S. House has passed an act requiring the Department of Homeland Security to prepare a report outlining policies and procedures it has developed to coordinate cybersecurity disclosures, reports The National Law Review.
More
The Connecticut Supreme Court has established a right to medical privacy, allowing patients to sue health care providers that fail to keep their medical records safe, reports Courthouse News.
More
A bill is moving through Florida’s House aiming to eliminate fees for data breach victims who want to place a credit freeze on their credit reports, reports WLRN.
More
North Carolina’s attorney general and Sen. Josh Stein have introduced legislation requiring companies to report a data breach to the AG and consumers within 15 days, reports Healthcare IT News.
More
Oregon’s governor has appointed its first public records advocate, who will be responsible for resolving disputes over records requests and to lead its Public Records Advisory Council in examining policies and practices, reports KTVZ.
More
A Rhode Island state senator has introduced a bill that would require businesses to disclose the personal information they have collected on R.I. customers online, reports Warwick Post.
More
The Wisconsin Senate is considering a bill to exempt certain police body camera footage from open records request without the consent of the individuals involved in the footage, reports the Marquette Wire.
More
ICYMI
In this installment of the Privacy Tracker GDPR matchup series, Alex Wall, CIPP/E, CIPP/US, CIPM, compares the provisions of the GDPR with South Korea's Personal Information Protection Act.
More
Timothy Banks, CIPP/C, CIPM, writes for Privacy Tracker about two decisions out of Canada's Supreme Court helping to clarify privacy in text messaging, noting that they "also demonstrate that courts in Canada are still struggling with the implications of any privacy interests in text messages."
More
In this quick-and-dirty special edition of The Privacy Advisor Podcast IAPP Westin Fellow Lee Matheson, CIPP/E, CIPP/US, talks to Angelique Carson, CIPP/US, on what privacy pros should know Thursday’s vote to renew Section 702 of the Foreign Intelligence Surveillance Amendments Act for six years.
More
The odds that the Federal Communication Commission's repeal of Obama-era net neutrality rules will be reversed look increasingly likely. In this exclusive for The Privacy Advisor, Angelique Carson, CIPP/US, looks at what a repeal of the rules would mean, and why the 9th Circuit decision on AT&T v. FTC complicates matters a bit.
More
Diego Fernandez of Marval, O'Farrell & Mairal writes for Privacy Tracker about Argentina's new Agency of Access to Public Information.
More
The U.S. Federal Trade Commission has announced its first-ever enforcement action against a connected-toy manufacturer. After a two-year investigation in collaboration with the Office of the Privacy Commissioner of Canada, which in turn collaborated with Hong Kong's PCPD, the FTC found that VTech Electronics and its U.S. subsidiaries violated the Children's Online Privacy Protection Act and the FTC Act and will pay a $650,000 fine. IAPP Staff Writer Molly Hulefeld reports on the case, in this exclusive for The Privacy Advisor.
More
US
Sens. Elizabeth Warren, D-Mass., and Mark Warner, D-Va., have introduced the Data Breach Prevention and Compensation Act, which would set mandatory penalties for data breaches at credit reporting agencies, American Banker reports.
More
The U.S. House of Representatives voted Thursday morning to renew Section 702 of the Foreign Intelligence Surveillance Amendments Act, USA Today reports.
More
Maryland's General Assembly is set to discuss the state’s paid sick-leave bill when it convenes later this week, The Washington Post reports. Gov. Larry Hogan vetoed the bill in its current form, citing concern over a provision that would allow businesses to ask for verification if more than two consecutive days of paid leave were needed.
More
ASIA PACIFIC
India’s Supreme Court is set to re-examine a colonial-era law outlawing sex between men, known as Section 377, after referring it to a larger bench for examination before October, the Guardian reports.
More
CANADA
The Office of the Information and Privacy Commissioner of Alberta said last year saw a record 162 breaches that posed a risk of significant harm to affected individuals, more than double any previous year, CBC reports.
More
EUROPE
The European Commission's Directorate-General for Justice and Consumers has issued a "Notice to stakeholders: withdrawal of the United Kingdom and EU rules in the field of data protection."
More
An amendment has been added to the U.K. data protection bill to provide relief to security researchers, the Guardian reports.
More
The U.K. Information Commissioner’s Office has charged four companies a combined total of 600,000 GBP for their role in disturbing people with nuisance marketing.
More
The U.K. Information Commissioner’s Office has fined Carphone Warehouse 400,000 GBP after a security vulnerability left one of its computer systems compromised in a 2015 cyberattack.
More
Marking the first conviction from an inquiry by the U.K. Information Commissioner’s Office into a company’s use of private detectives, insurance company Woodgate and Clark Ltd, as well as two senior staff, received fines totaling more than 150,000 GBP for illegally obtaining banking records during an investigation, the Guardian reports.
More