In this week’s global legislative roundup, India’s Personal Data Protection Bill, 2019 is expected to be tabled in the upcoming Budget session. Germany’s State Commissioner for Data Protection in Lower Saxony issued its highest EU General Data Protection Regulation fine to date. And in the U.S., legislators have reintroduced privacy bills in Washington and New York states.
LATEST NEWS
The final draft of India's Personal Data Protection Bill, 2019 will likely be tabled during the Budget session of Parliament beginning Jan. 29, the Economic Times reports.
More
The U.S. Federal Deposit Insurance Corporation, Department of the Treasury, and Federal Reserve System issued a notice of proposed rulemaking Dec. 18 for a 36-hour data breach reporting requirement.
More
The Washington Senate Committee on Environment, Energy & Technology will hold a public hearing Jan. 14 on the revamped Washington Privacy Act.
More
A bill currently residing in the New York State Assembly would require companies to disclose deidentification methods, place safeguards around data sharing, and fund an office dedicated to privacy and data protection.
More
ENFORCEMENT
France's data protection authority, the Commission nationale de l'informatique et des libertés, fined two doctors 3,000 and 6,000 euros, respectively, for not sufficiently protecting patients’ personal data in violation of two articles of the EU General Data Protection Regulation.
More
The CNIL also fined Perfomeclic 7,300 euros and fined meal delivery company Nestor 20,000 euros, both for violations of the Postal and Electronic Communications Code and the GDPR.
More
Germany's State Commissioner for Data Protection in Lower Saxony issued a 10.4 million euro fine to retailer notebooksbilliger.de for monitoring its employees over a two-year span without a legal basis.
More
Germany's Federal Network Agency, Bundesnetzagentur, imposed a fine of 145,000 euros against call center Cell It for unauthorized telephone advertising.
More
Indonesia's Ministry of Communication and Information Technology published its draft "2020–2024 Strategic Plan."
More
Italy's data protection authority, the Garante, launched an online service to help simplify compliance in the event of a data breach. The service includes access to a notification model and self-assessment procedure.
More
Norway's data protection authority, Datatilsynet, fined Gveik AS NOK 75,000 for processing data for a credit assessment without a legal basis.
More
Poland's data protection authority, Urząd Ochrony Danych Osobowych, announced a PLN 1 million fine against ID Finance Poland for insufficient data security measures that led to a data breach.
More
The U.K. High Court ruled general warrants cannot be used to conduct mass surveillance, Forbes reports.
More
The U.K.’s Information Commissioner’s Office sentenced a motor industry employee to eight months in prison and a suspension for two years for violating the Computer Misuse Act.
More
The U.S. Federal Trade Commission announced a $650,000 settlement with toy manufacturer VTech Electronics for violations of the Children's Online Privacy Protection Act and FTC Act.
More
ASIA-PACIFIC
The Civil Code of the People's Republic of China went into effect Jan. 1, China Daily reports.
More
South Korea's Personal Information Protection Committee released the final draft of amendments to the Personal Information Protection Act 2011 for public consultation.
More
MIDDLE EAST
Israel's Privacy Protection Authority, Competition Authority, and Consumer Protection and Fair Trade Authority have published a policy paper on the main considerations to be taken into account for adopting data portability rights.
More
EU
The Portuguese Presidency of the Council of the European Union published the latest draft of the proposed ePrivacy Regulation, according to Covington's "Inside Privacy" blog.
More
US
The California Supreme Court heard oral arguments in a case alleging that recording a phone conversation without consent is a violation of state privacy law, Bloomberg Law reports.
More
An update to Illinois’ Student Online Personal Protection Act will enable parents to review and correct their child’s data that is held by schools or affiliated online services and request its removal in some instances, WSIU Public Broadcasting reports.
More
New York lawmakers introduced the Biometric Privacy Act. The proposed bill would require private entities in possession of biometric information to develop written policies outlining data retention and deletion schedules, as well as obtain consent before sharing any data.
More
The Kansas Legislature is considering rewriting a law that allows an individual exposed to COVID-19 to refuse to disclose close contacts to health officials, as Republicans say they want to ensure privacy remains protected, The Associated Press reports.
More
Photo by Francis Valadj from FreeImages
