In this week’s global legislative roundup, WhatsApp could face a 50 million euro fine for allegedly failing to adhere to EU General Data Protection Regulation transparency requirements. In the U.S., the Biden administration appointed Christopher Hoff, CIPP/E, CIPP/US, CIPM, as deputy secretary for services at the Department of Commerce to oversee negotiations for a replacement Privacy Shield, and Rebecca Kelly Slaughter has been named acting chair of the Federal Trade Commission.
LATEST NEWS
WhatsApp could face fines up to 50 million euros for alleged violations of the EU General Data Protection Regulation after Ireland’s Data Protection Commission found the messaging application failed to adhere to the transparency requirements under the GDPR, Politico reports.
More
Italy’s data protection authority, the Garante, ordered TikTok to block the accounts of users within the country whose age cannot be verified, Reuters reports.
More
The High Court of Justice considered the first U.K. case involving the application of the territorial scope of the GDPR, according to Hunton Andrews Kurth’s Privacy & Information Security Law Blog.
More
ICYMI
The Biden administration appointed Christopher Hoff, CIPP/E, CIPP/US, CIPM, as deputy secretary for services at the U.S. Department of Commerce, overseeing negotiations for a replacement Privacy Shield. For The Privacy Advisor, IAPP Research Director Caitlin Fennessy, CIPP, explored why this is an early sign of the administration’s intention to focus on privacy policy in the international realm.
More
BDO Partner and Governance, Risk & Compliance Practice Leader Karen Schuler, CIPP/E, CIPP/US, CIPM, FIP, wrote for Privacy Perspectives a federal privacy law would be beneficial for the U.S. and advises companies to take proactive steps to update their data practices.
More
In this fourth installment of a 10-part series for The Privacy Advisor examining the top operational impacts of the California Privacy Rights Act, IAPP Westin Fellow Nicole Sakin looked at expanded rights and obligations included in the CPRA.
More
For Privacy Tracker, Covington & Burling’s Zhijing Yu and Vicky Liu looked at the five key issues brought forth by comments on China’s draft Personal Information Protection Law and how they may shed more light on the road ahead for China’s privacy law.
More
Morrison & Foerster’s Lokke Moerel and Ronan Tigner explored the importance of the Court of Justice of the European Union advocate general’s one-stop-shop opinion and clarify some misconceptions for Privacy Perspectives.
More
Also for Privacy Perspectives, Morrison & Foerster Partner Alja Poler de Zwart wrote guidance from the U.K. Information Commissioner’s Office and the Netherlands’ Autoriteit Persoonsgegevens limiting the response period for data subject requests “imposes unreasonable burdens on organizations in the midst of a large security breach.”
More
ENFORCEMENT
The Office of the Privacy Commissioner of Canada is weighing whether to launch an investigation into privacy violations by MindGeek, The Toronto Star reports.
More
The European Commission published a proposal to amend the Data Protection Law Enforcement Directive to align with data protection rules.
More
Norway’s data protection authority, Datatilsynet, issued a pair of NOK 400,000 fines for GDPR violations to Coop Finmark and an unnamed company.
More
U.S. President Joe Biden named Rebecca Kelly Slaughter, who has been outspoken against the abuse of consumer data, as the acting chair of the U.S. Federal Trade Commission. Biden also designated Jessica Rosenworcel as acting chair of the Federal Communications Commission.
More
ASIA-PACIFIC
In its submission to the Australian attorney general as part of its review of the Privacy Act 1988, the Office of the Australian Information Commissioner called for enhanced regulatory powers via amendments, ZDNet reports.
More
The Hindu reports petitions to review India’s Aadhaar identification system were rejected by the Supreme Court, upholding Parliament’s passage of the law establishing the system.
More
EUROPE
The German Federal Government passed a draft law adapting the country’s information technology laws, according to Covington & Burling’s Inside Privacy blog.
More
LATIN AMERICA
Approximately 55% of central government organizations have appointed data protection officers in compliance with Brazil’s General Data Protection Law, ZDNet reports.
More
US
The Center for Democracy and Technology is suing the U.S. Department of Homeland Security over allegations that two immigration agencies failed to respond to requests for records on data use, Gizmodo reports.
More
A new law enacted in Massachusetts prevents personal data from being accessed in warrantless searches, according to the Electronic Privacy Information Center.
More
Virginia and Oklahoma have become the latest U.S. states to propose privacy legislation, according to Husch Blackwell’s Data Privacy and Cybersecurity Legal Resource Byte Back.
More
The Washington State Senate Committee on Environment, Energy & Technology passed the latest iteration of the Washington Privacy Act.
More
GUIDANCE
Denmark’s data protection authority, Datatilsynet, highlighted areas of focus in 2021.
More
France's data protection authority, the Commission nationale de l'informatique et des libertés, Superior Audiovisual Council, Defender of Rights, and Hadopi have partnered to release an educational kit for digital citizens.
More
The French DPA also published a second opinion on the functioning of contact tracing and other systems used to combat the COVID-19 pandemic that process personal data.
More