In this week’s Global News Roundup, the Office of the Australian Information Commissioner opened a probe into Medibank’s data breach. Meta received a 265 million euro fine from Ireland's Data Protection Commission. And Israel’s Ministry of Justice is seeking public input on draft regulations for data transfers to the European Economic Area.
The Latest
Indian Parliament is weighing a potential exemption for early-stage startup companies in the proposed Digital Personal Data Protection Bill, The Tribune reports.
More
The Council of the European Union, European Parliament and European Commission reached agreement on the e-Evidence regulation, Euractiv reports.
More
Politico reports the European Data Protection Board is expected to decide on record fines potentially totaling more than 2 billion euros against Meta subsidiaries.
More
Politico reports the Irish Data Protection Commission opened a probe into the potential exposure of more than five million EU and U.S. Twitter accounts.
More
Italy's data protection authority, the Garante, fined Alpha Exploration, owner of the social network Clubhouse, 2 million euros for violations of the EU General Data Protection Regulation.
More
In a piece for the Brookings Institution, Distinguished Visiting Fellow Cameron Kerry and Research Assistant Mishaela Robison proposed adding U.S. Federal Trade Commission rulemaking authority over digital advertising provisions in a potential federal privacy law.
More
Enforcement
The Office of the Australian Information Commissioner launched an investigation into the Medibank data breach.
More
During its Dec. 5 plenary session, the European Data Protection Board will discuss disputed draft decisions of the Irish Supervisory Authority against Meta's Facebook, Instagram and WhatsApp services.
More
France’s data protection authority, the Commission nationale de l'informatique et des libertés, issued a 600,000 euro fine to utility company EDF.
More
The Conference of the Independent Data Protection Authorities of Germany banned the use of Microsoft Office 365 in all schools, Computer Weekly reports.
More
Ireland's Data Protection Commission announced a 265 million euro fine to Meta over alleged GDPR violations.
More
Reuters reports Twitter is cooperating with a probe by Ireland's Data Protection Commission into implications of recent privacy and security personnel changes.
More
Italy's data protection authority, the Garante, fined perfume chain Douglas Italia 1.4 million euros for data protection violations.
More
Asia-Pacific
The Parliament of Australia approved final passage of the Privacy Legislation Amendment Bill 2022.
More
Canada
IT World Canada reports the Ontario Court of Appeal set a precedent for future data breach lawsuits with a recent decision on a 2017 breach claim against Equifax.
More
Europe
The Brussels Times reports a bill to reform the Belgian Data Protection Authority was referred to Belgium's Council of State, as a result of new discrepancies between ruling and opposing parties over the bill's proposal for director appointments.
More
The European Council adopted the Digital Operational Resilience Act to ensure member states’ financial sectors can “stay resilient through a severe operational disruption.”
More
The Conference of the Independent Data Protection Authorities of Germany introduced a resolution for the processing of personal health data at its 104th conference.
More
Israel's Ministry of Justice announced a public consultation on the draft Privacy Protection Regulations for data transfers from European Economic Area nations.
More
The U.K. announced an update to the Network and Information Systems Regulations, including mandatory incident reporting obligations for managed service providers and minimum security requirements with fines of up to 17 million GBP for noncompliance, The Record reports.
More
The Hamburg Commissioner for Data Protection and Freedom of Information published its observations on the proposed EU-U.S. Data Privacy Framework.
More
U.S.
The IAPP updated its U.S. Federal Privacy Legislation Tracker, which summarizes more than 100 pieces of privacy-related legislation introduced by members of the 117th Congress.
More
The incoming 118th U.S. Congress must prioritize passing the American Data Privacy and Protection Act, National Consumers League Executive Director Sally Greenberg writes for The Hill.
More
More than 90 advocacy groups penned a letter to U.S. Senate leadership opposing passage of the proposed Kids Online Safety Act, CNBC reports.
More
Guidance
The U.S. Department of Health and Human Services Office of Civil Rights issued guidance to entities and business associates using tracking technology under the Health Insurance Portability and Accountability Act.
More
ICYMI
The proposed Artificial Intelligence Act would be the first horizontal regulation of AI in the world, but, as always, the devil is in the details. IAPP Editorial Director Jedidiah Bracy, CIPP, looks at how other EU lawmakers and stakeholders are crafting this massive, precedent-setting legislation.
More
Data retention has long been a blind spot of Europe's otherwise strict data protection regime. But a possible practical solution might be in sight, journalist Luca Bertuzzi writes.
More
IAPP Editorial Director Jedidiah Bracy, CIPP, interviewed AI Act Co-rapportuer and Romanian Member of Parliament Dragoș Tudorache for The Privacy Advisor Podcast.
More
The proposed EU-U.S. Data Privacy Framework is on track to be finalized sometime in spring 2023, if the European Commission’s adequacy process aligns with timelines for its prior decisions. At the IAPP Europe Data Protection Congress 20222, Staff Writer Joe Duball rounded up all the discussions contemplating the future of EU-U.S. data flows.
More
