In this week's Privacy Tracker global legislative roundup, deeper analysis and consideration of the European Data Protection Board's new data transfer guidelines. EU institutions compromised on the EU Data Governance Act, while changes to EU General Data Protection Regulation enforcement could be on the horizon. The U.K. Information Commissioner's Office proposed a 17 million GBP fine against Clearview AI. IAPP Westin Research Fellow Samuel Adams offered a look at Quebec's Bill 64. And the IAPP updated its comprehensive privacy law global mapping.
THE LATEST
Australia's government has commenced work to reform the country's electronic surveillance laws, ZDNet reports.
More
Austria's Data Protection Authority approved a code of conduct for data processing in the insurance sector, according to Austria's Chamber of Commerce.
More
Iceland's data protection authority, Persónuvernd, fined the Ministry of Industry and Innovation and retailer YAY 7.5 million and 4 million euros each over violations stemming from processing of personal information in connection with government travel donations.
More
The U.S. Department of Health and Human Services’ Office for Civil Rights announced five settlements under the Health Insurance Portability and Accountability Act Right of Access Initiative. The fines range between $10,000 to $160,000.
More
State lawmakers in Oklahoma discussed efforts to pass the Oklahoma Computer Data Privacy Act during the upcoming 2022 legislative session.
More
ICYMI
The IAPP updated its comprehensive privacy law global mapping to include Colombia, New Zealand, Nigeria, Republic of Benin and South Africa.
More
IAPP Westin Research Fellow Samuel Adams analyzes the proposed changes to Quebec's data protection regime through Bill 64 and the ripple effect this could cause across Canada.
More
IAPP Vice President & Chief Knowledge Officer Caitlin Fennessy, CIPP/US, dives into the practical impacts and policy considerations stemming from the European Data Protection Board's guidance on data transfers as it relates to the interplay between Article 3 and Chapter V of the EU General Data Protection Regulation. Joe Duball also recapped a LinkedIn Live session on the matter with Fennessy and EDPB Secretariat Head Isabelle Vereecken.
More
Bird & Bird Partner Ruth Boardman and Associate Catherine Hughes also provided analysis of the EDPB's transfer guidance, spelling out the crucial points of interest in the guidelines privacy professionals need to take into account.
More
Fulbright-Schuman Scholar Michelle Frasher breaks down where the EU's fourth anti-money laundering directive stands, including specifics in recent texts, and the potential future of data protection and anti-money laundering regulations in the EU.
More
ENFORCEMENT
The U.K. Information Commissioner's Office announced intent to fine Clearview AI 17 million GBP for alleged misuse of scraped images and data, along with its use of facial recognition technology. The ICO also fined the U.K. Cabinet Office 500,000 GBP for violations stemming from a 2019 breach.
More
ASIA-PACIFIC
The Joint Committee of Parliament reviewing India's Personal Data Protection Bill received a sixth extension until the final week of the current winter session to submit its report, according to The Economic Times.
More
Court of India Justice B.N. Srikrishna criticized the current version of India's Personal Data Protection Bill during an interview with Moneycontrol. Srikrishna, a drafter of the original PDPB framework in 2018, called the current bill a "hotchpotch law" that is "loaded in favour of the government."
More
EUROPE
European Commission Vice President for Values and Transparency Věra Jourová warned against more EU General Data Protection Regulation enforcement power being given to EU institutions if consistent enforcement among member states cannot be reached, Politico reports.
More
The European Commission announced a provisional agreement with European Parliament and the Council of the European Union to move forward with the EU Data Governance Act.
More
Financial Times reports European Commission Executive Vice President Margrethe Vestager supports the idea of the EU pushing through whatever regulations it can agree to against Big Tech companies, noting "it is best to get 80 percent now than 100 percent never."
More
The Council of the European Union’s proposed Artificial Intelligence Act would enable those acting on behalf of law enforcement authorities to operate biometric surveillance systems, Statewatch reports.
More
Hamburg's Commissioner for Data Protection and Freedom of Information announced Germany's Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia took force Dec. 1.
More
Former U.K. Information Commissioner Elizabeth Denham voiced her concerns regarding the direction of the proposed U.K. data reforms.
More
The U.K. Central Digital and Data Office rolled out an algorithmic transparency standard for government agencies and the public sector.
More
