In this week's Privacy Tracker global legislative roundup, the Cyberspace Administration of China released draft regulations for its data security laws. The Supreme Court of the United Kingdom dismissed a billion-dollar privacy action against Google. And, the European Commission is pursuing legal action against Belgium over concerns its Data Protection Authority is not operating independently as required under the EU General Data Protection Regulation.
THE LATEST
The Cyberspace Administration of China released draft regulations for its data security laws, including the Personal Information Protection Law and others.
More
ICYMI
IAPP Editorial Director Jedidiah Bracy, CIPP, reported on the Supreme Court of the United Kingdom's recent dismissal of a 3 billion GBP ($4 billion) data protection class-action lawsuit against Google for The Privacy Advisor.
More
IAPP Legal Extern Seth Azubuike looked at topics discussed during the Virginia Consumer Data Protection meetings — including implementation of enforcement provisions and proposed increased protections for children — and its final report submitted Nov. 1.
More
ENFORCEMENT
Brazil’s data protection authority, the Autoridade Nacional de Proteção de Dados, highlighted "encouraging results" in first year of operation.
More
Newfoundland and Labrador Information and Privacy Commissioner Michael Harvey said his office will investigate the health care cyberattack impacting hundreds of thousands of employees and patients, CBC reports.
More
The Cyberspace Administration of Hainan Provincial Party Committee alleges 11 mini applications collected and used personal information “in violation of laws and regulations.”
More
Denmark’s data protection authority, Datatilsynet, found grocery store company Coop Danmark did not comply with necessary security measures under the Data Protection Ordinance in processing personal information in the company’s shared drive.
More
The Danish DPA also found the North Jutland Region could have exposed half a million data subjects’ personal data to unauthorized persons through a vulnerability in a self-service solution.
More
The European Commission is pursuing legal action against Belgium over concerns its Data Protection Authority is not operating independently as required under the EU General Data Protection Regulation.
More
The Netherlands’ data protection authority, Autoriteit Persoonsgegevens, urged the Senate not to adopt the proposed Data Processing by Partnerships Act.
More
Norway’s data protection authority, Datatilsynet, continues to investigate the Norwegian Prison and Probation Service’s compliance with privacy regulations.
More
A High Court judge granted WhatsApp Ireland permission to challenge a 225 million euro fine by Ireland’s Data Protection Commission over alleged violations of EU General Data Protection Regulation transparency principles.
More
Gov. Larry Hogan, R-Md., appointed the Maryland's first chief privacy officer and chief data officer. Laura Gomez-Martin, the previous deputy chief information security officer, was appointed CPO.
More
ASIA-PACIFIC
The Joint Parliamentary Committee reviewing India’s draft Personal Data Protection Bill recommends limiting exemptions available to government, Entrackr reports.
More
After long debate, lawmakers have reached a point of agreement on Indonesia’s Personal Data Protection Bill and plan to complete discussions on the proposal during the current session.
More
U.S.
U.S. House lawmakers introduced the Filter Bubble Transparency Act, a proposal that would require internet platforms to offer an algorithm-free version of their services, Axios reports.
More
PRIVACY OPERATIONS MANAGMENT
France’s data protection authority, the Commission nationale de l’informatique et des libertés, published a guide to support charitable, political and other organizations with EU General Data Protection Regulation compliance.
More
The Hellenic Data Protection Authority in Greece, issued guidance on access to information for candidates in the Democratic Socialists of America elections.
More
Ireland’s Data Protection Commission released a summary of requirements on a new online breach notification form.
More
