The European Commission drafted rules that will force Big Tech companies to disclose how political groups execute targeted advertising. In India, the Joint Parliamentary committee reviewing the country’s draft Personal Data Protection bill is expected to reconvene and consider amendments. And in the U.S., the Senate Committee on Commerce, Science, and Transportation discussed a potential data security law, and the California Privacy Protection Agency released the agenda for its upcoming Oct. 18 meeting, the first for newly appointed executive director Ashkan Soltani.

LATEST NEWS

The California Privacy Protection Agency released the agenda for its next public meeting Oct. 18. The meeting will include potential revisions to existing California Consumer Privacy Act rules.
More

European Parliament's Committee on Civil Liberties, Justice and Home Affairs voted in favor of a proposal to increase Europol's ability to process large datasets and share data with private companies, Politico reports.
More

Politico also reports the European Commission drafted rules that will force Big Tech companies to disclose how political groups execute targeted advertising.
More

ICYMI

The U.S. Senate Committee on Commerce, Science, and Transportation discussed a potential data security law during its second privacy hearing in two weeks. IAPP Staff Writer Jennifer Bryant has the details.
More

On Jan. 1, 2023, California will become the first state to have a comprehensive data privacy law covering human resources data when the California Privacy Rights Act becomes operational. Perkins Coie’s Data Privacy Counsel Arsen Kourinian, CIPP/A, CIPP/C, CIPP/E, CIPP/US, CIPM, FIP, Partner Dominique Shelton Leipzig, CIPP/US, and Ida Knox discuss steps the CPPA can take to align employment and privacy rights within the CPRA regulations.
More

France’s data protection authority, the Commission nationale de l’informatique et des libertés, issued a series of injunctions against the Ministry of the Interior over the data protection and privacy compliance of its Automated Fingerprint File, Euractiv reports.
More

Norway’s data protection authority, Datatilsynet, issued a fine of NOK 125,000 against Ultra-Technology AS for assessing an individual’s credit without a legal basis.
More

The U.S. Federal Trade Commission finalized a settlement with the operators of MoviePass over allegations of deceptive marketing and failure to secure subscribers' personal data.
More

ASIA-PACIFIC

According to The Indian Express, the Joint Parliamentary Committee reviewing India's draft Personal Data Protection Bill will likely reconvene Oct. 20 and consider amendments, including expanding provisions to cover non-personal data.
More

CANADA

The OPC opened the draft guidance on facial recognition for police agencies to public consultation, IT World Canada reports.
More

EUROPE

Members of European Parliament voted 377-248 in favor of adopting a resolution that calls for proper safeguards around law enforcement's use of artificial intelligence surveillance and an outright ban on its public use of facial recognition.
More

The Council of the European Union agreed on a negotiating mandate on the proposed Data Governance Act, which creates a framework to help companies or individuals share data securely.
More

The Dutch government published its thoughts on the upcoming Data Act to be proposed by the European Commission, saying individuals and smaller companies should “be able to benefit from the use of data and trust that their rights and interests are protected,” Euractiv reports.
More

The U.K. Information Commissioner's Office announced its submission to the public consultation on the Department for Digital, Culture, Media and Sport's proposed data reforms. Information Commissioner Elizabeth Denham wrote she mostly supports DCMS's review, but "the devil will be in the detail" as the proposals evolve.
More

US

U.S. President Joe Biden signed the "K-12 Cybersecurity Act of 2021," requiring the Cybersecurity and Infrastructure Agency to study cybersecurity risks facing students and develop recommendations to assist schools. 
More 

Members of the U.S. Senate Committee on Commerce, Science, and Transportation's Subcommittee on Consumer Protection, Product Safety, and Data Security used a hearing with Facebook whistleblower Frances Haugen to lament the need for Congress to act on federal privacy legislation, The Wall Street Journal reports.
More

U.S. Sens. Ed Markey, D-Mass., and Richard Blumenthal, D-Conn., with U.S. Rep. Kathy Castor, D-Fla., reintroduced the Kids Internet Design and Safety Act to address online practices that pose harm to children online.
More

Gov. Gavin Newsom, D-Calif., signed a pair of bills into law that amend the CCPA and the CPRA.
More

The Massachusetts Legislature's Joint Committee on Advanced Information Technology, the Internet and Cybersecurity will hold a virtual hearing Oct. 13 to consider data privacy-related bills.
More

GUIDANCE

Brazil's data protection authority, the Autoridade Nacional de Proteção de Dados, published an information security guide for small-scale data processors.
More

The Baden-Württemberg Commissioner for Data Protection and Freedom of Information in Germany published a revised frequently-asked-questions document on international data transfers.
More

Hong Kong’s Office of the Privacy Commissioner for Personal Data published a guidance note and accompanying frequently-asked-questions document on the use of the EU's updated standard contractual clauses.
More

South Korea's Personal Information Protection Commission published guidance on preparations for the launch of a specialized binding agency dedicated to pseudonymized data.
More

Spain's data protection authority, the Agencia Española de Protección de Datos, wrote a blog post discussing how anonymization and pseudonymization techniques differ.
More