In this week’s Privacy Tracker global legislative roundup, learn about the development of South Africa’s Protection of Personal Information Act 2013 and a proposed new contact-tracing bill in Israel. Italy’s data protection authority, the Garante, issued a 600,000 euro fine against a banking institution after a 2017 data breach compromised the personal data of more than 700,000 customers. In the U.S., privacy advocates are raising concerns over the Senate’s proposed Eliminating Abusive and Rampant Neglect of Interactive Technology Act.
LATEST NEWS
The European Data Protection Supervisor released a report on how EU institutions, bodies and agencies have used data protection impact assessments since the EU General Data Protection Regulation went into effect.
More
Italy’s data protection authority, the Garante, issued a 600,000 euro fine to an unnamed banking institution following a 2017 data breach that compromised the personal data of more than 700,000 customers.
More
Privacy advocates expressed concern over the U.S. Senate's proposed Eliminating Abusive and Rampant Neglect of Interactive Technology Act, created to combat the proliferation of explicit images featuring children, the Guardian reports.
More
ICYMI
Thompson Hine’s Steven Stransky, CIPP/G, CIPP/US, and Jennifer Elleman analyze how the California Consumer Privacy Act’s draft regulations issued by the California attorney general handle identity verification in this Privacy Tracker piece.
More
Also for Privacy Tracker, Or-Hof Law Owner Dan Or-Hof, CIPP/E, CIPP/US, breaks down a proposed new contact-tracing bill in Israel.
More
ENFORCEMENT
France’s data protection authority, the Commission nationale de l’informatique et des libertés, will adjust its guidelines on cookies and future recommendations in accordance with the decision made by the country’s Council of State, the Conseil d’État.
More
European Data Protection Supervisor Wojciech Wiewiórowski published “The EDPS Strategy 2020–2024” with a focus on digital solidarity within Europe and internationally.
More
The Irish Data Protection Commission released guidance on the implementation of the Return to Work Safely Protocol developed by the departments of Business, Enterprise and Innovation and Health, created to ensure organizations are in compliance with the EU General Data Protection Regulation as they process personal data while implementing the protocol.
More
The Danish data protection authority, Datatilsynet, fined Lejre Municipality DKK 50,000 for failing its obligations as a data controller in violation of the EU General Data Protection Regulation. (Original article is in Danish.)
More
In Germany, the Baden-Württemberg Commissioner for Data Protection and Freedom of Information issued a 1.24 million euro fine against health insurance company AOK Baden-Württemberg for not properly implementing measures, in accordance with the GDPR, when processing individuals’ data for advertising purposes. (Original article is in German.)
More
NTT Global Data Centers, formerly known as RagingWire Data Centers, settled U.S. Federal Trade Commission allegations that it falsely claimed participation in the EU-U.S. Privacy Shield Program.
More
A preliminary $2.8 million settlement of a data breach lawsuit against Iowa’s UnityPoint Health does not contain a “global cap” on the total claim amount to be paid to victims.
More
In Canada, the Office of the Privacy Commissioner and counterparts in Quebec, British Columbia and Alberta are investigating whether a Tim Hortons mobile-ordering app’s collection and use of geolocation data are in compliance with the Personal Information Protection and Electronic Documents Act.
More
US
Facebook will ask the Supreme Court of the United States to intervene in a lawsuit that alleges it violated federal wiretap law by tracking users via the “Like” button.
More
An Illinois resident is asking a judge to appeal her decision dismissing claims that headphone manufacturer Bose violated federal wiretapping statute by allegedly disclosing information about customers’ streaming choices.
More
Georgetown Law Project Manager Jeff Gary and Georgetown Institute for Technology Law and Policy Distinguished Fellow Gigi Sohn said broadband internet access providers’ challenge of a Maine law protecting internet users’ privacy could have broad legislative implications.
More
