In this week’s global legislative roundup, the Federal Court of Canada sided with the Office of the Privacy Commissioner on an investigation of alleged Personal Information Protection and Electronic Documents Act violations against Google. Israeli law enforcement supported a bill to allow facial recognition technology in public spaces. In the U.S., Colorado officially enacted the Colorado Privacy Act, New York City’s biometric data protection law entered into force, and a proposal to ban use of facial and biometric recognition technology in federal-funded public housing was introduced.
LATEST NEWS
Brazil's data protection authority, the Autoridade Nacional de Proteção de Dados, published an ordinance introducing its regulatory process across units.
More
The Federal Court of Canada sided with the Office of the Privacy Commissioner of Canada over an individual's right to be forgotten and an investigation of alleged Personal Information Protection and Electronic Documents Act violations against Google.
More
Haaretz reports Israeli law enforcement threw its support behind a bill that would allow facial recognition technology in public spaces. The draft law would enable face matching with a police database and data sharing between agencies.
More
ICYMI
In the U.S., Colorado officially enacted the Colorado Privacy Act, becoming the third U.S. state to enact comprehensive privacy legislation. IAPP Westin Research Fellow Sarah Rippy breaks down the newly minted legislation, including a look at the bill's scope, exemptions and the consumer rights it gives citizens.
More
The IAPP created a chart comparing the comprehensive data privacy laws in California, Virginia and Colorado, providing an overview of each law’s requirements and highlighting their similarities and differences.
More
Italy's DPA, the Garante, published its 2020 Activity Report, covering how the agency handled the COVID-19 pandemic as well as its case involving TikTok.
More
The Netherlands' DPA, Autoriteit Persoonsgegevens, fined the Employee Insurance Agency 450,000 euros for insufficient safeguards for the agency's messaging platform.
More
The U.K. Information Commissioner's Office issued a 25,000 GBP fine to U.K.-based charity Mermaids for an email-related data breach.
More
The U.K. Information Commissioner's Office also published its annual report for 2020-2021. Information Commissioner Elizabeth Denham said the ICO's response to the challenges of the past year produced "what I believe is this office’s most significant body of work."
More
Politico reports the chief of staff for U.S. Federal Trade Commission Chair Lina Khan ordered the agency's staff to cancel their public appearances as the "under-resourced" agency faces "an all-hands-on-deck moment."
More
ASIA-PACIFIC
The New Zealand government implemented a legislative framework granting citizens a new consumer data right. Citizens will have the ability to share their data with third parties via standardized data formats and interfaces.
More
EUROPE
In Germany, the Schleswig-Holstein Higher Regional Court ruled an account holder at a private credit bureau has a right to deletion under Article 17 of the EU General Data Protection Regulation.
More
The U.K. government published its "Plan for Digital Regulation," which outlines how the country will govern technology.
More
LATIN AMERICA
Brazil's Chamber of Deputies approved urgency rules for a bill establishing principles on the use of artificial intelligence.
More
US
U.S. Reps. Yvette Clarke, D-N.Y., Rashida Tlaib, D-Mich. and Ayanna Pressley, D-Mass., reintroduced the "No Biometric Barriers to Housing Act of 2021." The proposed bill would ban the use of facial and biometric recognition technology in "most federally funded public housing" and would require the Department of Housing and Urban Development to submit a report to Congress on the tech's impact on the public housing sector and its tenants.
More
GUIDANCE
France's DPA, the Commission nationale de l’informatique et des libertés, offered its opinion on the European Commission's proposal for regulating artificial intelligence, calling for clarification on what is permitted under the framework and seeking clarity on how the regulation interacts with the EU GDPR.
More