![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
The latest proposed draft of Germany’s data retention legislation includes a provision for keeping the data in Germany, which some say may not sit well with U.S. tech firms. Meanwhile, Belgium has written a lengthy recommendation stating why it should be regulating Facebook, and EU ambassadors have agreed to a proposal that would create three levels of fines for violations of the data protection overhaul. Also in this week’s Privacy Tracker weekly legislative roundup, South Africa is taking steps to appoint an information regulator and newly proposed drone regulations may conflict with business uses, and read about updates on the 21st Century Cures bill, PCLOB and the USA PATRIOT Act as well as state actions in the U.S.
LATEST NEWS
Ars Technica reports that Germany’s new draft data retention bill includes provisions for the retention of phone and Internet data for 10 weeks and mobile phone geolocation data for four weeks and a requirement that the data remain within Germany.
DataGuidance reports the South African Civil Aviation Authority plans to introduce new regulations to govern drones; however, Claudia Eisenburg of Norton Rose Fulbright's Johannesburg office says some of the requirements conflict with potential business applications.
The South African Department of Justice has announced it will begin the process for appointing of an information regulator, the lack of which some have pointed to as holding up the Protection of Personal Information Act that passed 18 months ago.
The Hill reports ranking member of the U.S. Senate Subcommittee on Consumer Protection, Product Safety, Insurance and Data Security Sen. Richard Blumenthal (D-CT) says he’s hopeful the Senate can reconcile the multiple data breach measures currently being debated.
Sen. Kelly Ayotte (R-NH) has signed on to pending legislation introduced by Sens. Patrick Leahy (D-VT) and Mike Lee (R-UT) to update U.S. privacy laws for email and other forms of electronic messaging, Ripon Advance reports.
The American Civil Liberties Union has drafted a model bill offering recommendations for use of police-worn body cameras, reports International Business Times.
Connecticut Gov. Dannel P. Malloy has signed into law a social media privacy bill prohibiting employers from requiring login information for personal online accounts, Republican-American reports.
The Connecticut legislature is debating a bill that would see all of the state’s police officers outfitted with body-worn cameras, reports The Connecticut Post.
The Nevada Senate has passed AB239, which would create regulations for drone use in the state. The bill passed unanimously in the Assembly last month.
The New Hampshire Senate has sent legislation that would expand criminal background checks for prospective public school employees back to committee upon pressure from the teachers union, reports Valley News.
ICYMI
The Data Quality Campaign provides Privacy Tracker with an update on student privacy legislation in the U.S., including proposed amendments to the Family Educational Rights and Privacy Act and new laws in Georgia and Maryland.
In this Privacy Tracker post, Tim Van Canneyt outlines the Belgian Privacy Commission’s recommendation regarding Facebook and offers measures multinationals can take in their approach to compliance with EU law.
U.S.
Despite privacy concerns, the House Committee on Energy and Commence has voted unanimously in favor of the 21st Century Cures bill, which looks to remove the patient consent requirement for covered entities to use protected health information for academic purposes, GovInfo Security reports.
The Hill reports on a bipartisan group of legislators, including Sens. Ron Wyden (D-OR) and Tom Udall (D-NM) and Reps. Tulsi Gabbard (D-HI) and Trey Gowdy (R-SC),that wants to strengthen the Privacy and Civil Liberties Oversight Board.
Debates continue over the value of the USA PATRIOT Act, but Sen. Mitch McConnell (R-KY) said he'll allow a vote on an overhaul of U.S. surveillance programs, The Hill reports.
Sen. Edward Markey (D-MA) has asked the seven major wireless carriers in the U.S. for data on the number of law enforcement requests each received in 2013 and 2014 and what information was requested, according to a press release.
Sen. Al Franken (D-MN) is once again urging Congress to pass legislation against tracking apps, The Hill reports.
The Federal Trade Commission advised companies in a blog post that it looks positively on cooperation when conducting investigations into data security breaches, The Hill reports.
A coalition of 38 states prevailed in ensuring that RadioShack must, by mandate, destroy the greater part of its collection of customer data—including credit card information, Social Security numbers and phone numbers, Your Houston News reports.
The Wall Street Journal reports 31 states have reached a settlement with credit bureaus Equifax, Experian and TransUnionrequiring them to alter the way they handle consumers' financial and credit history data.
Winston and Strawn LLP takes a look at the April class-action settlement in which Howard Johnson International, Inc., and Wyndham Hotel Group LLC paid $1.5 million after allegedly failing to properly alert customers that their phone conversations were being recorded.
Florida Gov. Rick Scott has signed legislation that makes posting "revenge porn" online a crime, Reuters reports, joining another 16 U.S. states
CANADA
Ontario's Office of the Information and Privacy Commissioner is calling for more prosecutions under the Personal Health Information and Privacy Act when healthcare workers snoop on patient files, reports The Star.
EU
Promontory's John Bowman, CIPP/E, writes for Privacy Perspectives about the work of the Data Protection and Information Exchange and the latest news out of Brussels.
EurActiv reports that EU ambassadors have agreed to Latvia’s draft text that would implement three levels of fines for businesses that violate the EU's data protection overhaul. The levels range from one-half percent to two percent of an organization's annual global turnover.
Sam Pfeifle summarizes for The Privacy Advisor the Belgian Privacy Commission's recommendation outlining why it has competence to regulate Facebook.
Bryan Cunningham writes for Politico about the trend toward new spying powers in the EU while the U.S. scales back.
ASIA PACIFIC
The Australian government has expanded access to metadata being held under recently passed data retention laws with the introduction of a new bill, reports CNet, and some are saying this is the “scope creep” they were worried about.