In this week’s Privacy Tracker weekly legislative roundup, read about a new rule from the U.S. Consumer Financial Protection Bureau, a Connecticut Supreme Court ruling that may clear the way for negligence claims for HIPAA violations and the potential for a constitutional right to privacy in Wyoming. In the EU, experts predict data protection reform will be finalized next year, and a parliamentary committee says until a review of the Court of Justice of the EU’s decision on the directive is complete, the new passenger name records program is going to have to wait.
LATEST NEWS
The Consumer Financial Protection Bureau has finalized a rule allowing financial institutions to post their annual privacy notices online rather than having to mail them to customers individually, reports JDSupra.
The U.S. Court of Appeals for the 11th Circuit has upheld Florida’s Firearm Owner’s Privacy Act, prohibiting doctors from asking about and recording information on patients’ ownership of firearms, reports The Daily Caller.
Oklahoma’s social media privacy law went into effect November 1, meaning employers are prohibited from requiring employees or prospective employees to hand over social media log-in information, reports KGOU.
The Associated Press reports a Wyoming legislative task force’s proposal to change the state’s constitution to include a right to privacy is set to go before a committee.
ICYMI
A recent Connecticut Supreme Court ruling may offer a way for individuals to bring claims against healthcare providers and others who engaged in activities that violate HIPAA, writes Kirk Nahra, CIPP/US, of Wiley Rein in this Privacy Tracker post.
U.S.
The Hill reports on a number of technology and privacy issues that policy-makers will look into in the coming months, including National Security Agency and email privacy reform.
Covington & Burling's Jeff Kosseff, CIPP/US, explores 10 ways the recent election could affect privacy and data security law.
IAPP Westin Research Fellow Patricia Bailin, CIPP/US, examines the history of the Federal Trade Commission-Wyndham case and the latest developments in this exclusive for The Privacy Advisor.
"Congress must move forward with legislation that would put retailers, and not just banks, on the hook for at least some of the costs related to data breaches,"Law360 reports, citing comments from Comptroller of the Currency Thomas Curry.
The U.S. Senate could vote on ending the National Security Agency's bulk collection of phone records as early as this month, The Washington Post reports.
Google has announced its desire for the U.S. government to offer EU citizens the same protections from surveillance that are enjoyed by U.S. citizens, reports The Washington Post.
The National Institute of Standards and Technology has released draft guidelines to help organizations share information about cyber-attacks, FierceHealthIT reports.
The Brookings Institution has published a report urging Congress not to respond to privacy concerns about the future implementation of drones by drafting anti-drone legislation, Ars Technica reports.
EU
Luciano Floridi of the University of Oxford writes in The Guardian that Google's advisory council meetings on the RTBF led to more questions than answers.
The proposed EU General Data Protection Regulation will be finalized in 2015. That was the conclusion of leading lights of the EU data protection scene at a recent standing-room-only event in Brussels, John Bowman writes for The Privacy Advisor.
A new report from the Information Technology and Innovation Foundation states the EU's cookie notification policy costs billions of euros per year and offers few benefits, The Wall Street Journal reports.
ASIA PACIFIC
Australian Human Rights Commission (AHRC) President Gillian Triggs said the government’s plan to merge the Office of the Privacy Commissioner (OPC) into the AHRC is "unwieldy" and "simply unworkable" in its present form, ITNews reports.