In this week's global legislative roundup, the U.K. Information Commissioner's Office handed down its stiffest fine to date. The European Data Protection Board addressed simplifying the EU General Data Protection Regulation's dispute-resolution mechanism. Brazil nominated a board of directors for its data protection authority. China is reviewing a draft data protection law. And the U.S. Occupational Safety and Health Review Commission amended the regulations implementing the Privacy Act of 1974.
LATEST NEWS
Belgium's Data Protection Authority found the Interactive Advertising Bureau Europe's Transparency and Consent Framework may violate the EU General Data Protection Regulation, TechCrunch reports.
More
In Canada, the Information and Privacy Commissioner of Ontario offered its submission to the provincial government's discussion on reforming privacy in Ontario's private sector.
More
ICYMI
IAPP Staff Writer Joe Duball offers details of and reaction to the U.K. Information Commissioner's Office's 20 million GBP fine against British Airways while breaking down how the ICO and airline arrived at the penalty.
More
ENFORCEMENT
The European Data Protection Board adopted guidelines during its 39th plenary session on relevant and reasoned objection that will help streamline procedures related to the dispute-resolution mechanism under Article 65 of the EU General Data Protection Regulation.
More
Brazilian President Jair Bolsonaro unveiled his five nominees for the Autoridade Nacional de Proteção de Dados's board of directors, which now need Senate approval.
More
France's data protection authority, the Commission nationale de l'informatique et des libertés, highlights the principles sports clubs should follow when considering data collection measures to limit the spread of COVID-19.
More
Also in France, the CNIL updated its position on facial recognition deployed in airports, saying the use of the technology for identity checks is “not insignificant for the rights and freedoms of the persons concerned.”
More
Spain’s data protection authority, the Agencia Española de Protección de Datos, published the "Default Data Protection Guide," reviewing the practical application of data protection by default in data processing.
More
ASIA-PACIFIC
The Global Times reports China unveiled a draft data protection law. The draft law includes definitions for sensitive data, including biometric, financial, ethnic and religious information.
More
EUROPE
The European Parliament committees on Legal Affairs and Internal Market and Consumer Protection called on the European Commission to address shortcomings within the online ecosystem as it prepares to present the Digital Services Act package by the end of the year.
More
Despite concerns over data transfers to the U.S., France's Council of State will not call for a suspension of the country's Health Data Hub, which is under contract with Microsoft.
More
The European Society for Data Protection filed a lawsuit in a German court against Amazon over its alleged continued use of the EU-U.S. Privacy Shield agreement after it was invalidated by the Court of Justice of the European Union's "Schrems II" ruling.
More
Ireland's Data Protection Commission expects its case concerning Twitter's 2019 data breach to continue into 2021, The Wall Street Journal reports.
More
The Irish High Court granted NOYB Founder Max Schrems a judicial review of the Irish Data Protection Commission's handling of his complaint regarding Facebook's data transfers.
More
US
The U.S. Occupational Safety and Health Review Commission amended the regulations implementing the Privacy Act of 1974, which immediately went into effect. The OSHRC revised 29 CFR part 2400 for the first time since 2006 to both modernize the regulations and make them easier to comprehend.
More
The Electronic Privacy Information Center published its review of the California Privacy Rights Act ballot initiative.
More
Vermont’s Legislature passed a ban on the use of facial recognition technology by law enforcement, WCAX reports.
More
