In this week's Privacy Tracker global legislative roundup, the Office of the Australian Information Commissioner and the U.K. Information Commissioner's Office wrapped up a joint investigation into the personal handling practices of Clearview AI. The Belgian Data Protection Authority is reportedly close to finalizing a draft ruling on its investigation into IAB Europe’s Transparency & Consent Framework. In the U.S., the Supreme Court declined to hear a case calling for the release of redacted decisions by the Foreign Intelligence Surveillance Court that authorized expanded surveillance following the Sept. 11, 2001 attacks and Jim Dempsey assessed the new Gramm-Leach-Bliley Safeguards Rule recently adopted by the U.S. Federal Trade Commission.
THE LATEST
Ireland’s Data Protection Commission released a summary of requirements on a new online breach notification form.
More
Israel's Ministry of Justice announced its approval of promotions to update the country's Privacy Protection Law.
More
ICYMI
On Oct. 27, the U.S. Federal Trade Commission adopted a new Gramm-Leach-Bliley Safeguards Rule to impose more detailed data security requirements. Jim Dempsey assesses the rule and breaks down its requirements for cybersecurity and how to best meet the new standards in this article for The Privacy Advisor.
More
In this piece for The Privacy Advisor, University of Illinois’ Vera Glonina, CIPP/US, compiled details about 11 bills introduced to the Illinois General Assembly in regarding the Illinois Biometric Information Privacy Act in 2021, including key provisions, into a table to best track the different proposals and amendments in the legislation.
More
IAPP Westin Research Fellow Samuel Adams breaks down the contents of the data protection memorandum between Brazil and Spain and looks at its highlights, including commitments and goals, in this article for The Privacy Advisor.
More
ENFORCEMENT
The Office of the Australian Information Commissioner and the U.K. Information Commissioner’s Office concluded a joint investigation into the personal information handling practices of Clearview AI.
More
The Belgian Data Protection Authority is reportedly close to finalizing a draft ruling on its investigation into IAB Europe’s Transparency & Consent Framework.
More
China's Ministry of Industry and Information Technology has ordered dozens of applications to change their data privacy practices, Reuters reports.
More
Denmark's DPA, Datatilsynet, criticized the Aalborg Municipality for sharing the email of an online job course participant with other participants based on consent that does not comply with the EU General Data Protection Regulation.
More
Finland's DPA, the Office of the Data Protection Ombudsman, stated a media outlet does not have to comply with a consumer's request to withhold publishing tax information in a public portal because it was processed "for journalistic purposes."
More
Italy's DPA, the Garante, launched an investigation into "pirated" COVID-19 green pass applications, warning users the apps unlawfully process data. The application issued by the Ministry of Health is the only verified green certificate app, the DPA said.
More
Nova Scotia Premier Tim Houston reiterated his commitment to give the Office of the Information and Privacy Commissioner order-making power, a promise he made before his premiership, CBC News reports.
More
South Korea’s Personal Information Protection Commission’s dispute mediation panel recommended Facebook’s parent company Meta Platforms compensate users over a breach of consent, Sambad Group reports.
More
The Virginia Consumer Data Protection Act Working Group of the Joint Commission on Technology and Science released its final report on best practices and recommendations prior to the VCDA’s January 2023 implementation.
More
ASIA-PACIFIC
The Financial Times reports China’s Personal Information Protection Law has increased demand for data protection officers.
More
Hong Kong’s Office of the Privacy Commissioner for Personal Data released an e-newsletter detailing the amended Personal Data (Privacy) Ordinance 2021.
More
The Hindu reports the Unique Identification Authority of India is requesting the government consider exempting the agency's work from the draft Personal Data Protection Bill.
More
In response to surveillance efforts by NSO Group’s “Pegasus” software, the Supreme Court of India ruled citizens have as much right to privacy as journalists or social activists, The Times of India reports.
More
The New Zealand government is seeking qualified applicants interested in being considered for the role of privacy commissioner, following John Edwards’ appointment as U.K. Information Commissioner.
More
EUROPE
According to Euractiv, an independent review board rejected the European Commission's proposed Data Act following evaluation of the commission's impact assessment.
More
UNITED STATES
The U.S. Supreme Court declined to hear a case calling for the release of redacted decisions by the Foreign Intelligence Surveillance Court that authorized expanded surveillance following the Sept. 11, 2001 attacks, The Wall Street Journal reports.
More
U.S. Senators Marco Rubio, R-Fla., and Raphael Warnock, D-Ga., introduced the Protecting Sensitive Personal Data Act.
More
The Biden administration issued a sweeping executive order requiring all federal agencies to immediately patch cyber flaws, The Wall Street Journal reports.
More
Washington state experienced a growth in data breaches across the board in 2021, according to the newly released 2021 Data Breach Report from the attorney general's office.
More
PRIVACY OPERATIONS MANAGEMENT
Denmark’s data protection authority, Datatilsynet, published guidance for data controllers on supervising data processors.
More
Germany’s Federal Cartel Office, the Bundeskartellamt, published an interim report on its inquiry into messenger and video services, launched in November 2020.
More
Ireland's data protection authority, the Data Protection Commission, published a guidance on vaccine certification checks for data controllers and data subjects.
More
Luxembourg’s National Commission for Data Protection published updated guidelines on cookies and other trackers to help websites and applications comply with applicable rules.
More
The U.S. Federal Trade Commission recommended two preventive steps to help small businesses boost digital defenses against ransomware risks.
More
