![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
In this first Privacy Tracker legislative roundup of 2016, read about laws passed and enacted in China, Colombia, and the Netherlands. Also, Germany’s Bundestag has adopted a law allowing consumer advocates to sue companies for violating the data protection law, and in Cyprus, the president wants amendments to a recently passed communications privacy bill. In the U.S., Sen. Al Franken, D-Minn., has reintroduced his anti-stalker app bill and government officials are supposed to be deciding soon on whether the TSA will start enforcing the Real ID Act — which is 10-years old now. And who could forget about the GDPR — we’ve got lots of coverage to help you navigate those waters too.
LATEST NEWS
China’s National People’s Congress has enacted a new counter-terrorism law imposing new obligations on sectors such as telecommunications providers, reports Inside Privacy.
Hogan Lovells’ Chronicle of Data Protection reports, Colombia’s Data Protection Authority is giving certain data controllers until November 8 to register their databases according to a regulation issued November 3.
Cyprus President Nicos Anastasiades has sent the recently passed communications privacy bill back to parliament asking for an amendment. In-Cyprus reports the bill gives authorities the right to access the contents of private communications.
Germany’s Bundestag has adopted a draft law that would allow “consumer protection associations to bring lawsuits against companies for improper use of consumer data in violation of German data protection law,” reports Hunton & Williams’ Privacy & Information Security Law Blog.
The Netherlands amended Data Protection Act and Telecommunciations Act went into effect on January 1, with increased fines for and mandatory notification of breaches reports Morrison Foerster.
Three years after the Data Privacy Act was enacted, The Philippines still has no National Privacy Commission and business leaders are pushing for the government to establish it immediately, BNA reports.
U.S. government officials say it will soon decide whether the U.S. Transportation Security Administration will start to enforce the 10-year-old Real ID Act that would mean some driver’s licenses may not be adequate identification to board a plane, the New York Times reports.
Sen. Al Franken, D-Minn., has introduced the Location Privacy Protection Act for the third time, which aims to put a stop to stalking apps, reports GPS World.
The Hill lists “cybersecurity lawmakers to watch in 2016,” including Sens. Richard Burr (R-N.C.), Dianne Feinstein (D-Calif.) and Ron Wyden (D-Ore.), and Reps. Michael Mccaul (R-Texas), Jim Langevin (D-R.I.), and Adam Schiff (D-Calif.) among others.
U.S. News reports that California’s new student privacy law went into effect at the start of the year—unique because “it applies to all education websites, online services and apps, regardless of whether they have a contract with states and schools.”
Three Vermont senators have prefiled a bill to restrict the use of drones and bar the disclosure of information obtained via the device without a warrant, reports Tenth Amendment Center.
Wyoming lawmakers are proposing a bill that would require the state’s Department of Education to draft a statewide data privacy policy, and protect the privacy of students’ social media accounts, Casper Star Tribune reports.
ICYMI
In this Privacy Tracker blog post, the Hogan Lovells Privacy Team sums up the cybersecurity provisions passed as part of a spending bill at the end of 2015 and what privacy pros need to know about them.
In the first two posts of the IAPP series Top 10 operational impacts of the GDPR, IAPP Research Director Rita Heimes outlines the cybersecurity and data breach notification obligations (part one) and the mandatory DPO requirement (part two) in the regulation to help organizations in their compliance efforts.
IAPP Westin Fellow Gabriel Maldoff writes for Privacy Tracker that the Network Information Security Directive and the General Data Protection Regulation will come together to create a new breach regime in the EU.
In this second of a three-part series for The Privacy Advisor, Tiffany Li, CIPP/US, CIPP/E, CIPM, CIPT, and Zhou Zhou delve into the cultural and historical factors that influence the development and application of Chinese privacy law, as well as offer practical lessons and hypothetical case studies for how to proactively help your company or organization succeed in China.
U.S.
Rep. Randy Neugebauer, R-Texas, will champion data breach legislation in early 2016, hoping to fuse two different bills into one, The Hill reports.
In light of executive actions taken Tuesday by President Barack Obama toward curbing gun violence, the HIPAA Privacy Rule has been slightly modified, but, according to HealthcareInfoSecurity, most providers will not be affected by the change.
The Fairness in Class Action Litigation of 2015 bill is headed to the U.S. House and, if passed, would keep class-action suits seeking financial recompense from being certified unless all plaintiffs can prove they "suffered the same type and scope of injury." Critics are up in arms, Modern Healthcare reports.
ASIA PACIFIC
A new mandatory reporting regime in Australia will require by law that breaches involving personal data, tax file information, or credit ratings be reported to the Australian Information Commissioner as well as affected consumers, Financial Review reports.
A panel of experts has decided genomic information should be considered personal information under Japan’s newly revised privacy act approved in September, Lawyer Herald reports. The government plans to add rules this year to cover grey areas surrounding protecting genomic data.
Qatar's cabinet has approved a draft privacy law aiming to protect citizens against spam, Outlaw.com reports. Qatar's Advisory Council will now look at the draft.
CANADA
The Information and Privacy Commissioner of Ontario released “FIPPA and MFIPPA: Bill 8 — The Recordkeeping Amendments," to help organizations comply with the Public Sector and MPP Accountability and Transparency Act, 2014, that went into effect on January 1.
EUROPE
In a recently published opinion, European Data Protection Supervisor Giovanni Buttarelli called for enhanced controls on the export of technologies used for communications surveillance and interception, The Register reports.