In this week's Privacy Tracker legislative roundup, read about Brazil's new data protection legislation that would require organizations to obtain consent before personal information is used and would establish a government entity tasked with monitoring data protection efforts and enforcement and India's DNA Technology Regulation bill, which would allow law enforcement to collect DNA samples for criminal investigations. In Europe, Parliament voted to suspend the EU-U.S. Privacy Shield “unless the U.S. is fully compliant” by Sept. 1, and the European Data Protection Board rejected ICANN's attempt to require domain registrars to submit personal information. In California, state senators and assemblymembers added provisions to the state's net neutrality bill that would restore the measure and require net neutrality in government contracts for communication services.
LATEST NEWS
The European Data Protection Board rejected the Internet Corporation for Assigned Names and Numbers’ attempt to have a domain registrar submit personal data on personnel conflicts with the EU General Data Protection Regulation, MediaPost reports.
More
In India, the Union Cabinet introduced the DNA Technology (Use and Application) Regulation bill that would allow law enforcement agencies to collect DNA samples and create “DNA profiles” and “special databanks” for criminal investigations, The Print reports.
More
The U.S. Federal Aviation Administration’s Drone Advisory Committee asked a D.C. federal judge to dismiss the Electronic Privacy Information Center’s lawsuit claiming the committee failed to make advisory meetings “open to the public,” Law360 reports.
More
California state senators and assemblymembers added provisions back into the state’s net neutrality bill, SB 822, that would restore net neutrality rules and require net neutrality in government contracts for communications services, Broadcasting & Cable reports.
More
Satellite television provider DirecTV asked a federal judge in Georgia to send a proposed class claims, which alleged the company illegally disclosed subscribers’ personal information to third-party companies, to arbitration, Law360 reports.
More
A settlement proposal was greenlighted by U.S. District Judge George Caram Steeh for a class-action settlement in a suit that accused Time Inc. of violating Michigan’s Video Rental Privacy Act, Law360 reports.
More
ICYMI
In this Privacy Tracker post, Baker McKenzie Partner Lothar Determann offers an initial analysis of California's recently passed Consumer Privacy Act. The analysis answers critical questions, like who and what is protected, who must comply, how to comply, and what sanctions and remedies companies will face, and offers a quick comparison to the EU General Data Protection Regulation and the ballot initiative that was the impetus for the legislature's passing of the law.
More
It's the California Consumer Privacy Act, but does it apply to data processed in the employer-employee relationship? In this Privacy Tracker post, Philip Gordon and Andrew Gray of Littler Mendelson offer an analysis of the CCPA from the HR perspective, noting that "The act is written so broadly ... it could be read to confer rights on employees vis-à-vis their employers with respect to their personnel records."
More
While the U.S. was busy celebrating Independence Day July 4 with barbecues and fireworks, the European Parliament was debating the future of the EU-U.S. Privacy Shield deal. The conclusion? Thursday, Parliament voted for its suspension. The non-binding resolution was passed 303 to 223 votes, with 29 abstentions, and calls on the executive arm of the European Union, the European Commission, to suspend the data-sharing deal “unless the U.S. is fully compliant” by Sept. 1. Jennifer Baker has the details in this exclusive for The Privacy Advisor.
More
US
The U.S. Federal Trade Commission announced Monday it has reached a settlement with a California-based company over allegations that it falsely claimed it was in the process of being certified for complying with the EU-U.S. Privacy Shield framework.
More
The U.S. Federal Trade Commission, Department of Justice, and the Securities and Exchange Commission will look into Facebook discovering Cambridge Analytica had created voter profiles out of its user data in 2015 and why the social media company did not make the information public until just before the news was made public, The Washington Post reports.
More
The Electronic Privacy Information Center filed a brief with the U.S. 9th Circuit Court of Appeals asking the court to revive a privacy class-action lawsuit against Facebook, MediaPost reports.
More
A recent court filing in California shows a “potential settlement” has been reached between smart TV manufacturer Vizio and a group of consumers who argued the company violated several laws stemming from its data collection and sharing practices, MediaPost reports.
More
The Electronic Frontier Foundation announced it has joined an amicus brief, urging the Illinois Supreme Court to adopt a robust interpretation of the state’s Biometric Information Privacy Act. The EFF writes that the case on appeal, Rosenbach v. Six Flags, will place the state’s Supreme Court in a position to determine the “effectiveness of BIPA’s enforcement tool.”
More
ASIA-PACIFIC
The Australian Government Agencies Privacy Code took effect July 1 and, as a result, government agencies must bring on a privacy officer and produce privacy impact assessments, Bloomberg Law reports.
More
In preparation for the Data Sharing and Release Act, the Australian government released an issues paper for consultation to help develop a new framework for sharing and managing public-sector data, Computerworld reports.
More
EUROPE
The top telecom regulator in Germany, the Federal Network Agency, wants tech companies that provide messaging and email services to face the same regulatory standards as traditional telecommunication companies, the Financial Times reports.
More
A report from the U.K Parliament’s Exiting the EU Committee stated that the U.K. government should open talks with the European Commission to secure an adequacy decision immediately, EURACTIV reports.
More
LATIN AMERICA
The Council of Europe announced Mexico has joined the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.
More
A data protection bill is making its way through Brazil, ZDNet reports. The legislation would require organizations to obtain consent before personal information is used and would establish a government entity tasked with monitoring data protection efforts and enforcement.
More