![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
In this week’s Privacy Tracker global privacy legislative roundup catch up on the past week’s reporting out of the EU on the Schrems decision and Safe Harbor. In U.S. legal news, read about Pennsylvania’s proposed student privacy legislation, California’s new data breach notification law and vetoed RFID bill, Vermont’s plans to overhaul its personal privacy laws, and the latest push at the U.S. Capitol for mental health reform legislation. Also, South Africa’s new “Cybercrimes and Cybersecurity Bill” is set to create 20 new cybercrimes; Brazil has launched a public consultation on issues of Internet law, and India’s use of Aadhaar cards will see an expansion. And, it looks like Australia will have to wait until 2016 before it sees passage of any new data breach legislation.
Latest News
Australia will not be passing any new data breach legislation this year, according to Attorney-General George Brandis, ZDNet reports.
Brazil’s Ministry of Justice recently “launched a public consultation concerning the regulation of Internet Law,” particularly with regard to issues of net neutrality, privacy, log access information and other matters, Mondaq reports.
In Germany, the Lower House of Parliament voted in favor of data-retention legislation, Deutsche Welle reports. The proposed law would require “telecoms companies to retain details of Germans' communications for 10 weeks,” The Local reports, but according to ZDNet, it has yet pass the Upper House of Parliament.
India’s Supreme Court has ruled that voluntary Aadhaar cards, issued by the Unique Identification Authority of India, can now be used in welfare schemes and other fund programs, The New Indian Express reports.
South Africa’s new Cybercrimes and Cybersecurity Bill is set to create “20 new cybercrime offences,” expanding on the already-existing Electronic Communications and Transactions Act, according to Norton Rose Fulbright’s Data Protection Report.
In the U.S., Law360 reports that a National Association of Insurance Commissioners task force has “looked past industry objections,” adopting “a cybersecurity ‘bill of rights’ that state regulators could give to consumers if it receives final approval by the standards-setting body.
A California bill “that would have seen an option for (RFID) tags in driver’s licenses” has been vetoed by Gov. Jerry Brown, Tech Times reports, highlighting potential privacy and security concerns. Brown has signed a data breach notification law that includes new standards for data encryption and defining personal information “following large scale data breaches at some of the country’s most prominent health systems, which include UCLA Health,” reports FierceHealthIT. And Privacy This Week looks at the six privacy-related bills Brown signed earlier this month.
Pennsylvania lawmakers have introduced two bipartisan student privacy bills that would allow schools to “still use education technology products that amass, sell or share student data—but only after notifying parents and allowing them to opt out,” Pittsburgh Post-Gazette reports.
Vermont lawmakers are considering new personal privacy laws ahead of the next legislative session to “ensure high-tech gadgetry doesn’t cut into Vermont’s long-held tradition of privacy protection,” reports WCAX.
ICYMI
“Just hours before the Article 29 Working Party was to meet Thursday afternoon in an extraordinary plenary session on the European Court of Justice’s (ECJ’s) recent Safe Harbor invalidation, one of its members, European Data Protection Supervisor Giovanni Buttarelli, pronounced himself ‘largely optimistic’ about the future of cross-border data transfers with the U.S.,” IAPP Publications Director Sam Pfeifle writes for The Privacy Advisor. The European Parliament's Civil Liberties Committee (LIBE) met earlier in the week to debate the ECJ’s decision in the Schrems case, and the resounding message, Pfeifle reports, was what took so long? And on Wednesday, Pfeifle details in another report, the European Commission suffered the “slings and arrows” of a European Parliament unhappy with the institution's handling of the now-invalidated agreement.
The Privacy Advisor reports on a meeting of the European Parliament's Civil Liberties Committee (LIBE) where LIBE Vice Chairman Jan Philipp Albrecht, Green MEP and rapporteur to the General Data Protection Regulation (GDPR), provided a report on the trilogue negotiations around the GDPR. Albrecht said it's "realistically possible" negotiations will conclude before end of year.
GLOBAL
To help global organizations navigate privacy regulations, which vary from country to country and can conflict with one another, Forrester has published its 2015 Data Privacy Heat Map featuring in-depth analysis of the laws and cultures of 54 countries, Forbes reports.
U.S.
The Hill reports on a group of large U.S.-based technology companies that has sent a letter to House of Representatives leadership urging them to pass the Judicial Redress Act, which would extend certain privacy protections to EU citizens.
Business Insider reports that the Computer & Communications Industry Association is opposing the Cybersecurity Information Sharing Act (CISA), while The Hill reports the American Library Association has said CISA would let federal intelligence agencies spy on people using library computers.
A group of House Republicans believes the foray of the Federal Communications Commission "into the privacy regulation space" via ISP privacy enforcement is "troubling," Multichannel News reports.
The Hollywood Reporter examines the 11th Circuit Court of Appeals opinion that Cartoon Network did not breach the Video Privacy Protection Act.
Facebook has asked U.S. District Court Judge James Donato to dismiss a suit alleging its photo-tagging service violates biometric privacy laws, Media Post reports.
The Washington Post reports a federal judge in New York is seeking to expand the debate surrounding law enforcement access to encrypted communications technology.
ASIA PACIFIC
BBC News reports on Australia's controversial data retention law, which came into effect last week.
CANADA
An Ontario judge will soon rule on a consumer privacy case "that pits telecom companies against police departments," The Toronto Star reports.
After a care aide's employment record was sent to reporters, Saskatchewan is making changes to its privacy rules, The Canadian Press reports.
EU
Under a new law signed by Romanian President Klaus Iohannis, state authorities will soon be able to access to such information as "phone-call metadata, equipment IDs and localization," ZDNet reports.