In this week’s global legislative roundup, Uber will pay a $9 million fine and provide sexual assault data under a settlement with the California Public Utilities Commission. The Federal Court of Canada sided with the Office of the Privacy Commissioner of Canada related to an individual's right to be forgotten and an investigation of alleged Personal Information Protection and Electronic Documents Act violations against Google. The European Data Protection Board adopted an urgent binding decision that rejected a request from Hamburg's data protection authority to ban data sharing between WhatsApp and Facebook.
LATEST NEWS
U.S. District Court for the Eastern District of California Judge William Shubb dismissed a proposed class-action lawsuit against Miniclip SA and Apple that alleged privacy and unfair competition law violations, Reuters reports.
More
In a settlement with the California Public Utilities Commission, Uber will pay a $9 million fine and provide data about riders and drivers who were sexually assaulted during trips, The Verge reports.
More
ICYMI
IAPP Research Director Caitlin Fennessy, CIPP/US, Hogan Lovells' Eduardo Ustaran, CIPP/E, and NOYB's Max Schrems came together on LinkedIn Live to review where things stand for privacy professionals in the aftermath of the Court of Justice of the European Union’s decision to strike down the EU-U.S. Privacy Shield.
More
As service providers consider implementing the European Commission’s newly revised standard contractual clauses with their EU customers, Chair of Baker McKenzie’s Global Data Privacy and Security Business Unit Brian Hengesbaugh, CIPP/US, Partner Michaela Nebel, CIPP/E, CIPP/US, and Senior Associate Lukas Feiler, CIPP/E, offer 10 do’s and don’ts.
More
Immuta’s Chief Legal Officer Andrew Burt, Research Scientist Alfred Rossi and Senior Privacy Counsel Sophie Stalla-Bourdillon explore the EU General Data Protection Regulation’s anonymization provisions.
More
ENFORCEMENT
The State Procon in Mato Grosso, Brazil, fined the Raia/Drogassi Pharmacy Network BRL $572,680 for collecting and processing customers' personal data without their full authorization.
More
Denmark’s data protection authority, Datatilsynet, fined quick test provider Charlottenlund Lægehus Medicals Nordic DKK 600,000 for processing individuals’ sensitive COVID-19 testing data without necessary measures.
More
Denmark’s Datatilsynet also recommended a fine of DKK 400,000 against Nordbornholms Byggeforretning ApS for sharing a former employee's criminal offenses with two customers.
More
The European Data Protection Board adopted an urgent binding decision that rejected a request from Hamburg's data protection authority, the Commissioner for Data Protection and Freedom of Information, to ban data sharing between WhatsApp and Facebook.
More
South Africa's Information Regulator issued a statement regarding the processing of personal information related to photographs.
More
Following an investigation of camera surveillance use at several fire stations in Östra Skaraborg, Sweden's DPA, Integritetsskyddsmyndigheten, determined the surveillance is “too far-reaching.”
More
The U.K. Information Commissioner’s Office issued a 25,000 GBP fine against transgender charity Mermaids after 780 pages of users’ confidential emails were exposed in a data breach.
More
The U.K. ICO also confirmed an investigation into an alleged data breach of Department of Health and Social Care CCTV footage, provided by EMCOR Group.
More
APAC
The Standing Committee of the Shenzhen Municipal People's Congress passed China's first local data law.
More
Member of Indian Parliament and Lok Sabha Speaker Om Birla said there will not be an extension for the joint committee on the Personal Data Protection Bill, 2019, The Hindu Business Line reports.
More
CANADA
The Federal Court of Canada sided with the Office of the Privacy Commissioner of Canada related to an individual's right to be forgotten and an investigation of alleged Personal Information Protection and Electronic Documents Act violations against Google.
More
EUROPE
European Parliament’s Committee on Civil Liberties, Justice and Home Affairs adopted a proposal to emphasize privacy and fundamental rights in the proposed Digital Services Act, Reuters reports.
More
Italy became the 12th country to ratify the modernized Convention 108+.
More
US
Connecticut Gov. Ned Lamont signed a law encouraging companies to improve cybersecurity, News 12 reports.
More
In a letter to the Colorado General Assembly, Gov. Jared Polis, D-Colo., addressed the Colorado Privacy Act after signing it into law, acknowledging the law still leaves several issues outstanding.
More
ABC6 reports members of the Ohio House of Representatives introduced House Bill 376 to enact the Ohio Personal Privacy Act.
More
GUIDANCE
The European Data Protection Board published the final draft of its guidelines "on the concepts of controller and processor" under the EU GDPR.
More
The Data Security Council of India published a handbook outlining best practices for implementing data protection into artificial intelligence technologies from the design stage.
More
Italy's data protection authority, the Garante, unveiled new cookie guidelines. Under the guidelines, consent must be obtained through a clearly marked webpage banner.
More
The Luxembourg National Commission for Data Protection published guidance on how Brexit affects international data transfers.
More
The U.K. ICO wrote a blog post updating its Accountability Framework.
More
