In this week’s global legislative roundup, the European Commission announced it will open a digital compliance office in San Francisco. The European Data Protection Board reached a “binding decision” over Ireland's Data Protection Commission enforcement of reported children’s privacy violations by Instagram. And the U.S. Consumer Financial Protection Bureau fined U.S. Bank for illegally accessing customer information.
The Latest
The European Commission plans to open its digital compliance oversight office in San Francisco, California, Sept. 1, The Wall Street Journal reports.
More
A recent U.S. regulatory filing from Meta reiterated a likely suspension of EU services for Facebook and Instagram users if an EU-U.S. data transfer agreement isn't finalized soon, Bloomberg reports.
More
Enforcement
Croatia's Personal Data Protection Agency issued 2.15 million kune in fines to a telecommunications provider over insufficient "technical and organizational security measures for the processing of personal data."
More
Denmark's data protection authority, Datatilsynet, recommended a 500,000 kroner fine against Danish law firm SIRIUS advokater related to insufficient data security measures.
More
France's data protection authority, the Commission nationale de l'informatique et des libertés, closed its case against Facebook regarding alleged cookie violations under the ePrivacy Directive.
More
France's CNIL announced a 175,000 euro fine against rental car company Ubeeqo International for unlawful collection of geolocation data of customers in its rental vehicles.
More
The European Data Protection Board announced the adoption of a binding decision related to the Irish Data Protection Commission's enforcement of alleged children's privacy violations by Instagram.
More
Reuters reports the Tagansky District Court of Moscow issued fines totaling 22 million rubles to WhatsApp, Snap, Tinder and Hotels.com following decisions on alleged violations of Russia's data localization laws.
More
The Lower Saxony State Commissioner for Data Protection fined Volkswagen 1.1 million euros for an EU General Data Protection Regulation violation.
More
The U.S. Consumer Financial Protection Bureau fined U.S. Bank $37.5 million for illegally accessing customer credit reports and sensitive personal data and opening accounts and lines of credit without the customer's consent, according to a CFPB press release.
More
Asia-Pacific
Indian Union Minister of State for Electronics and Information Technology Rajeev Chandrasekhar indicated the proposed Data Protection Bill will not be tabled during Indian Parliament's upcoming Monsoon Session, Financial Express reports.
More
Canada
Global News reports the Office of the Privacy Commissioner of Canada began an investigation into the country's ArriveCAN application, which collects health and personal data from those entering Canadian borders.
More
Information and Privacy Commissioner of Ontario Patricia Kosseim offered her take on the federally proposed Artificial Intelligence and Data Act included in Bill C-27's omnibus package.
More
Europe
The European Commission released a report on the "application and functioning" of the EU Law Enforcement Directive.
More
The European Data Protection Board and the European Data Protection Supervisor published a joint opinion on the European Commission's proposal to combat child sexual abuse online.
More
The U.K. Home Office announced its Data Access Agreement concerning criminal data sharing with the U.S. will take effect Oct. 3.
More
US
The U.S. National Credit Union Administration may soon require federally insured credit unions to report hacking incidents, SC Media reports.
More
U.S. Senate Committee on Commerce, Science, and Transportation Chair Maria Cantwell, D-Wash., doubled down on her opposition to the proposed American Data Privacy and Protection Act, The Spokesman-Review reports.
More
U.S. Sens. Kyrsten Sinema, D-Ariz., and Cynthia Lummis, R-Wyo., introduced the Improving Digital Identity Act of 2022.
More
Seven U.S. state attorneys general announced shares of an $8 million settlement with convenience store chain Wawa related to a 2019 data breach.
More
Guidance
France's CNIL published its recommendations for devising age verification systems.
More
The U.K. Information Commissioner's Office published updated guidance for using binding corporate rules as a data transfer mechanism.
More
ICYMI
The U.S. Senate Committee on Commerce, Science and Transportation passed two children’s privacy bills during a markup session July 27. IAPP Staff Writer Alex LaCasse has the details from the hearing.
More
The California Privacy Protection Agency carries a mandate to protect California consumers from all sorts of risks and harms, which in the agency's opinion includes comprehensive federal privacy legislation proposed by U.S. Congress. IAPP Staff Writer Joe Duball recaps a special CPPA meeting and examines board members' takes on CPRA's perceived strength over the current federal proposal.
More
In the first of a multipart series outlining new legislation adopted since May under the European Union’s Strategy for Data, the IAPP Research and Insights team provides privacy professionals with an overview of the EU Data Governance Act, including the law's objectives, material and territorial scope, main requirements, enforcement, and oversight structure.
More
