In this week’s global legislative roundup, IAPP Staff Writer Joe Duball compiles the latest news regarding the U.S. Supreme Court’s decision to overturn Roe v. Wade. China released new guidelines for cross-border data processing. The U.S. House Committee on Energy and Commerce formally introduced the American Data Privacy and Protection Act. And, the European Data Protection Supervisor has concerns the amended Europol Regulation will weaken data protections.
Latest news
IAPP Staff Writer Joe Duball rounds up ways lawmakers and technology companies are trying to combat privacy harms expected from the court's decision.
More
China’s National Information Security Standardization Technical Committee released guidance on conducting cross-border processing of personal information “in a standardized manner” and in accordance with the Personal Information Protection Law.
More
The digital innovation laboratory, LINC, of France's data protection authority, Commission nationale de l'informatique et des libertés, published its work program for 2022 and 2023.
More
Enforcement
Hong Kong’s Office of the Privacy Commissioner for Personal Data announced it removed 90% of social media posts that reportedly contained doxxed information, the South China Morning Post reports. Privacy Commissioner for Personal Data Ada Chung reported her office issued 774 cessation notices between October 2021 and May.
More
Thailand Digital Economy and Society Minister Chaiwut Thanakmanusorn clarified mass media outlets and the work it carries out is exempt from the Personal Data Protection Act.
More
The Office of the Privacy Commissioner of Canada announced Prime Minister Justin Trudeau appointed Philippe Dufresne as privacy commissioner.
More
The House of Commons of Canada's Standing Committee on Access to Information, Privacy and Ethics unanimously supported the nomination of Philippe Dufresne as privacy commissioner, The Globe and Mail reports.
More
The European Data Protection Supervisor expressed concerns that the amended Europol Regulation will weaken data protection rights and not adequately oversee the EU Agency for Law Enforcement Cooperation.
More
In a keynote speech at its two-day conference, “The future of data protection: effective enforcement in the digital world,” European Data Protection Supervisor Wojciech Wiewiórowski called for a “pan-European data protection enforcement model” to ensure consistent and fundamental data protection rights.
More
The European Data Protection Board published the agenda for its June plenary session, which includes several items related to international data transfers.
More
Italy's data protection authority, the Garante, joined DPAs in Austria and France in ruling against data transfers to the U.S. using Google Analytics.
More
Norway's data protection authority, Datatilsynet, announced a ban on the browser tool Shinigami Eyes.
More
Russia's data protection authority, Roskomnadzor, announced the Magistrate's Court of the Tagansky District of Moscow fined Google 15 million rubles for its “repeated refusal” to localize Russian citizens’ data within the country.
More
The U.K. Information Commissioner’s Office announced the Department for Digital, Culture, Media and Sport and the Treasury agreed the ICO can retain a portion of funds paid as a result of civil monetary penalties.
More
The U.S. Department of Justice announced a settlement with Meta over alleged violations of the Fair Housing Act related to Facebook's targeted advertising practices. Plaintiffs alleged Facebook's personalized algorithms for housing ads were partially powered by characteristics protected under the FHA.
More
The U.S. Federal Trade Commission re-filed its Advanced Notice of Proposed Rulemaking with the Office of Management and Budget for a potential rulemaking on privacy and artificial intelligence.
More
The FTC issued the “Combatting Online Harms Through Innovation” report to Congress, urging "great caution" in relying on artificial intelligence as a policy solution for online harms.
More
Asia-Pacific
The Hindustan Times reports India's proposed Personal Data Protection Bill, 2019 may return to its original focus on personal data.
More
Indonesia’s draft Law on Personal Data Protection shows the government’s “commitment to the strengthening of personal data protection in Indonesia in the public interest,” Dentons Partner Andre Rahadian and Senior Associate Mika Isac Kriyasa write in a blog post.
More
Canada
The Artificial Intelligence and Data Act within proposed Digital Charter Implementation Act, Bill C-27, would establish Canada’s requirements around AI design, development and use in the private sector, including biometrics, Biometric Update reports.
More
Toronto police must determine whether collected race-based data could be used to investigate officers’ performance issues, CBC News reports.
More
Europe
The Irish Times reports proposed legislation would give Ireland's police force and judges the ability to order the retention of communications data for national security purposes.
More
Scotland's Biometric Data Commission introduced a bill that would make the nation the first to have a code for law enforcement use of biometric data in the criminal justice system, The Scotsman reports.
More
US
The Washington Post reports U.S. Senate Committee on Commerce, Science, and Transportation Chair Maria Cantwell, D-Wash., will not support the American Data Privacy and Protection Act as currently constituted.
More
Key U.S. senators opposing the American Data Privacy and Protection Act are standing in the way of passing the draft bipartisan and bicameral bill, The Washington Post reports.
More
The U.S. House Committee on Energy and Commerce formally introduced the American Data Privacy and Protection Act and scheduled it for committee markup June 23.
More
U.S. President Joe Biden signed two bills into law to enhance cybersecurity measures among federal, state and local governments, The Hill reports.
More
U.S. Sen. Elizabeth Warren, D-Mass., alongside a group of Democratic lawmakers, introduced the Health and Location Data Protection Act, which would ban data brokers from selling Americans’ health and location information.
More
Privacy Operations Management
The South China Morning Post reports Chinese ride-hailing company Didi Chuxing is completing privacy compliance measures to get its mobile apps restored on China's app stores.
More
France's data protection authority, the Commission nationale de l'informatique et des libertés, issued guidelines for the sharing of personal information between charitable associations and foundations according to the EU General Data Protection Regulation.
More
Germany's Federal Office for Information Security released guidance for securing mobile health care applications.
More
Norway's data protection authority, Datatilsynet, published new privacy rules for companies that process personal data.
More
Spain's data protection authority, the Agencia Española de Protección de Datos, published guidelines directed at individual physicians' health data handling.
More
