In this week’s Global News Roundup, France's data protection authority, the Commission nationale de l'informatique et des libertés, issued fines to both Apple and Microsoft. The Washington D.C. attorney general’s office entered a settlement with Google over dark patterns that revealed user location data. And, Ireland's Data Protection Commission announced an inquiry into the potential compromise of more than 5 million Twitter accounts.
The Latest
The U.S. Federal Communications Commission voted 4-0 to file a Notice of Proposed Rulemaking to data breach reporting requirements for telecommunications providers.
More
Enforcement
France's data protection authority, the Commission nationale de l'informatique et des libertés, fined Apple 8 million euros over alleged nonconsensual advertisement tracking.
More
France’s CNIL fined Microsoft 60 million euros for alleged third-party cookie violations.
More
Ireland's Data Protection Commission announced an own-volition inquiry into the potential compromise of more than 5 million Twitter accounts reported in November 2022.
More
Poland's data protection authority, the Urząd Ochrony Danych Osobowych, fined a telecommunications operator PLN 250,000 for failure to notify of a personal data breach in violation of the Telecommunications Act.
More
The Office of the Attorney General for the District of Columbia announced a $9.5 million settlement with Google over use of "dark patterns" that led to user location data collection.
More
Georgia-based, Life Hope Labs reached a $16,500 settlement with the Office for Civil Rights at the U.S. Department of Health and Human Services over a potential violation of the Health Insurance Portability and Accountability Act Privacy Rule's right of access provision.
More
Europe
The director of Belarus' National Center for Personal Data Protection signed an order implementing rules for the cross-border transfer of personal data.
More
U.S.
Kentucky State Sen. Whitney Westerfield, R-Ky., reintroduced Senate Bill 15 to the state Senate.
More
New York Senate Bill 365, the New York Privacy Act, was re-filed and assigned to the Senate Committee on Consumer Protection.
More
Tennessee Senate Bill 73, the Tennessee Information Protection Act, was introduced.
More
Washington House Bill 1155, the My Health My Data Act, was pre-filed ahead of the 2023 legislative session Jan. 10.
More
Guidance
The Philippines' National Privacy Commission amended its document outlining provisions of its guidelines on personal data processing for loan-related transactions.
More
ICYMI
Recent penalties levied under Article 6 of the EU General Data Protection Regulation by the Irish Data Protection Commission against Meta are making waves across the privacy community. IAPP Principal Researcher, Privacy Law and Policy Müge Fazlioglu, CIPP/E, CIPP/US, created an infographic outlining the scope of Article 6 lawful bases, further considerations for determining when each applies and relevant recitals.
More
Ireland's Data Protection Commission adopted final decisions on two inquiries into Meta's Facebook and Instagram, fining the company a total of 390 million euros and potentially leading to an upheaval of its personalized advertising model in the EU. IAPP Staff Writer Jennifer Bryant has details and initial reactions.
More
Following the California Privacy Rights Act and Virginia's Consumer Data Protection Act coming online Jan. 1, three other state privacy statutes will go into effect later this year. IAPP Staff Writer Joe Duball spoke with privacy professionals about immediate compliance concerns with California and Virginia.
More
