In this week's Privacy Tracker global legislative roundup, China's Personal Information Protection Law has taken force. Approval was given on a regulation for inspections and sanctioning processes for Brazil's data protection authority. Many updates on the privacy work of the U.S. Federal Trade Commission. And U.S. Sen. Catherine Cortez Masto, D-Nev., submitted the latest federal privacy law proposal to Congress.
THE LATEST
The board directors for Brazil's data protection authority, the Autoridade Nacional de Proteção de Dados, approved the Regulation of the Inspection Process and the Sanctioning Administrative Process under the General Data Protection Law.
More
China's Personal Information Protection Law took effect Nov. 1. IAPP Staff Writer Jennifer Bryant collected reactions on the new law and its expected impacts.
More
The Unique Identification Authority of India requested the government to consider exempting its work from the draft Personal Data Protection Bill, The Hindu reports.
More
U.S. Sen. Catherine Cortez Masto, D-Nev., reintroduced her federal privacy bill, the Digital Accountability and Transparency to Advance Privacy Act.
More
ICYMI
IAPP Staff Writer Joe Duball spoke with a trio of U.S. Federal Trade Commission alumni to get their perspectives on a number of different happenings involving the agency, including a potential privacy rulemaking process.
More
ENFORCEMENT
Norway's data protection authority, Datatilsynet, announced a fine of NOK 4 million against municipality Ostre Toten due to security deficiencies that led to a ransom attack on its IT systems and data in January.
More
The U.K. Information Commissioner’s Office said an email error led to a breach of personal data and a 10,000 GBP fine for a Scottish charity, prompting a warning for organizations to revisit bulk email practices.
More
The U.S. Federal Trade Commission announced it will ramp up its enforcement work on so-called "dark patterns" being used on consumers in the subscription market. The commission said the heightened attention comes after a "rising number of complaints about the financial harms caused by deceptive sign up tactics."
More
The U.S. District Court for the Northern District of Illinois approved a $17.6 million settlement proposal from insurance company Kemper after two data breaches in December 2020 and March 2021 potentially compromised the data of 6.1 million people.
More
ASIA-PACIFIC
The Cyberspace Administration of China announced a public consultation on its draft "Measures for Data Exit Security Evaluation."
More
According to Voice of America, a telecommunications law in Hong Kong around mobile SIM card registrations is generating privacy concerns. The law, which took effect in September, calls for registrants to initially provide identity documents to register cards, but the requirement will change in March 2022 to a submission of full legal names.
More
CANADA
A spokesperson for the Office of the Privacy Commissioner said the OPC "was not consulted" on the Liberal Party's online harms bill, though it deals with online safety and privacy, the National Post reports.
More
US
The Government Ownership and Oversight of Data in Artificial Intelligence Act introduced in the U.S. Senate would seek to ensure federal contractors use data collected through AI properly, Biometric Update reports.
More
The U.S. Federal Trade Commission announced it updated the Safeguards Rule to better protect against personal data breaches and cyberattacks that lead to identity theft and other financial losses.
More
Forty-five U.S. advocacy groups from across sectors joined on a letter to FTC Chair Lina Khan urging her and the agency to take up a privacy rulemaking, the Free Press reports. The groups asked for a rulemaking that covers "entire life cycle of data—collection, use, management, retention, and deletion" and one that ensures consumers "significant protection from discrimination and related data harms."
More
