France’s Lower House has passed a surveillance bill that some claim will give the government intrusive domestic spying abilities with little oversight, and Italy’s data protection authority has released a cookie compliance deadline and max fine amounts. Meanwhile, Jan Philipp Albrecht is predicting no passage of a General Data Protection Regulation this year. Also in this week’s Privacy Tracker global legislative roundup, read about China’s new draft legislation that would create national Internet and information-security safeguard systems. In the U.S., bills have been introduced at the federal level addressing “back doors” for government surveillance, student privacy, data from vehicle event recorders, cybersecurity and breach notification.
LATEST NEWS
NSW Privacy Commissioner Elizabeth Coombs is calling for amendments to the state's Privacy and Personal Information Protection Act, including mandatory breach notification, reports Computerworld.
FierceHealthIT reports a group of Democratic U.S. Senators have introduced the Consumer Privacy Protection Act of 2015, which “calls for a comprehensive approach to data security by requiring companies to take preventative steps to defend against cyberattacks and prevent data breaches and to quickly notify customers in the event a data breach occurs."
Reps. Ted Poe (R-TX), Zoe Lofgren (D-CA) and Thomas Massie (R-KY) have introduced legislation to prohibit the government from requiring tech companies to provide “back doors” to assist in investigations and surveillance, reports The Hill.
Reps. Luke Messer (R-IN) and Jared Polis (D-CO) have introduced the Student Digital Privacy and Parental Rights Act, and it has gained the support of more than 20 education, parent, privacy and industry groups.
Sens. John Hoeven (R-ND) and Amy Klobuchar (D-MN) have again introduced the Driver Privacy Act, which would give ownership of “black box” data to vehicle owners, reports KXNET.
Reps. Randy Neugebauer (R-TX) and John Carney (D-DE) have introduced the Data Security Act of 2015, which aims to protect consumers from identity theft, The Ripon Advance reports.
BankInfoSecurity offers insight on why it’s so hard to pass a data breach bill in the U.S.
The Hill reportscorporations across a broad range of industries are lobbying for the Cybersecurtiy Information Sharing Act.
U.S. lawmakers are debating laws to regulate public access to footage from body cameras worn by police, reports USA Today.
A Connecticut bill protecting current and prospective employees from being required to allow employers access to personal online accounts is headed to the governor’s desk, reports Connecticut Post.
Nevada lawmakers are debating a bill that would set regulations for how law enforcement and private citizens can use drones, reports the Associated Press.
The Lund Report writes about the Oregon House passing a bill allowing patients to shield medical information from policyholders in explanation of benefits.
Virginia Gov. Terry McAuliffe has signed a social media privacy billthat prohibits employers from requiring potential and current employees to hand over login credentials to personal online accounts, Lexology reports.
ICYMI
Jason Hirsh, a partner at Levenfeld Pearlstein, LLC, writes for Privacy Tracker that two appeals in front of the Illinois Seventh Circuit may challenge the application of Clapper v. Amnesty, Inc., when determining harm in breach cases.
U.S.
The New York Times reports the Second Circuit Court of Appeals ruled the National Security Agency's bulk phone records collection program is illegal, and The Hill reports the case will likely head to the Supreme Court.
Wired reports that a panel of 11th Circuit Court judges has overturned the ruling in U.S. v. Davis. The new ruling says that because Davis's phone location data was the property of the phone carrier, he had no expectation of privacy, and the police who were tracking him didn't need a warrant.
CANADA
The Huffington Post Canada reports Bill C-51 passed the House of Commons by a vote of 183 to 96 and now heads to the Senate for final passage. The government is expected to give royal assent within weeks, the report states.
Ontario's Personal Health Information Protection Act (PHIPA) "has seen zero successful prosecutions since it came into force over a decade ago,"The Star reports, noting privacy experts point to PHIPA's "complicated and drawn-out prosecution process" as the reason.
EU
The lower house of the French Parliament has overwhelmingly increased surveillance measures"that could give the authorities their most intrusive domestic spying abilities ever, with almost no judicial oversight," The New York Times reports.
Tech Dirt reports the Constitutional Court of the Slovak Republic has ruled mass surveillance unconstitutional.
Rocco Panetta writes that the president of Italy’s data protection authority, the Garante, has announced the deadline and maximum fine amount for cookie compliance in this Global Privacy Dispatch for The Privacy Advisor.
UK Deputy Prime Minister Nick Clegg called for a new Digital Bill of Rights to be introduced within six months of the new Parliament, The Telegraph reports.
Poland appointed Edith Bielak-Jomaa as its new inspector general for personal data protection, Privacy This Week reports.
The Parliament Magazine reports that European Parliament Rapporteur Jan Philipp Albrecht has indicated the General Data Protection Regulation is not likely to be adopted by the end of the year, and he blames the current “nothing is agreed until everything is agreed” approach.
ASIA PACIFIC
Reuters reports draft legislation proposed by the standing committee of China’s National People's Congress would include a "cyberspace 'sovereignty' clause"and the establishment of national Internet and information-security safeguard systems.
Australian Privacy Commissioner Timothy Pilgrim "has ruled that metadata is personal, finding that Telstra must hand over information it holds about a journalist, two years after he exercised his legal right to see his personal metadata," ABC reports.