In this week’s Privacy Tracker weekly legislative roundup, read about newly released Article 29 Working Party guidance on data breach notification, profiling and automated decision-making under the EU General Data Protection Regulation, and its finalized data protection impact assessment guidance. Members of the European Parliament’s civil liberties committee approved Rapporteur Marju Lauristin’s report on the ePrivacy Regulation. Latvia and Poland both have new proposals to help bring them in line with the GDPR. In the U.S., the Senate Intelligence Committee will debate a bill that would reauthorize controversial FBI surveillance powers, two senators have introduced legislation to increase transparency about digital political ads, and an amendment to the Privacy Act went into effect, allowing federal officials to collect social media information from all immigrants seeking to enter the country. 

LATEST NEWS

Denmark’s Education Minister has proposed a law allowing schools to access students’ personal laptops and check students’ search histories and social media activity, Tech Spot reports.
More

Latvia’s Ministry of Justice has published a draft Law on Personal Data Processing, which aims to bring the nation into compliance with the EU General Data Protection Regulation, Payments Compliance reports.
More

Poland’s Ministry of Digitization has drafted an amendment to the country’s labor code in an effort to comply with the GDPR, Clifford Chance reports.
More

The Washington Post reports that the U.S. Senate Intelligence Committee will this week debate a bill that would reauthorize FBI surveillance powers, including using information collected from tech companies without a warrant in terrorism cases and for other serious crimes.
More

The Hill reports that U.S. Sens. Amy Klobuchar, D-Minn., and Mark Warner, D-Va., will introduce legislation to increase transparency about digital political ads this week.
More

An amendment to the U.S. Privacy Act went into effect Oct. 18, allowing federal officials to collect usernames and other social media information from all immigrants seeking to enter the country, Voice of America reports.
More

California’s Salary Privacy Bill went into effect last week. The bill prohibits employers from asking prospective employees about past salaries, JD Supra reports.
More

Minnesota lawmakers are considering House and Senate bills that aim to amend student privacy laws, requiring training for school staff and opt-in consent for the sharing of data by schools and third-party software companies, Minnesota Daily reports.
More

The New York City Council Committee for Technology held a hearing on a bill that would require transparency for algorithms used by the city’s agencies, the Columbia Journalism Review reports.
More

The Vermont Supreme Court has ruled that state employees can be compelled to turn over public records from personal email and phone accounts, Seven Days reports.
More

ICYMI

Members of the European Parliament’s civil liberties committee approved Rapporteur Marju Lauristin’s report on the ePrivacy Regulation and granted a mandate for further negotiations. IAPP EU Correspondent Jennifer Baker writes about it in this exclusive for The Privacy Advisor, where she rounds up reactions from MEPs.
More

This week, the Article 29 Data Protection Working Party released its proposed guidelines on data breach notifications, which are open to public comment until Nov. 28. IAPP Westin Fellow Muge Fazlioglu, CIPP/US, recaps the guidance for The Privacy Advisor so you have time to get your thoughts to the WP29.
More

The Article 29 Working Party has drafted new guidelines covering profiling and automated decision-making under the forthcoming GDPR. IAPP Westin Fellow Lee Matheson, CIPP/US, recaps the draft for The Privacy Advisor so you can get your feedback in before Nov. 28.
More

The Article 29 Working Party has published this week its “last revised” guidelines on data protection impact assessments and determining whether processing is “likely to result in a high risk” for the purposes of the GDPR. IAPP Westin Fellow Muge Fazlioglu, CIPP/US, has the details of WP29's final thoughts on the matter. 
More

IAPP Westin Fellow Muge Fazlioglu, CIPP/US, looks at the European Commission’s first Annual Review of the EU-U.S. Privacy Shield for The Privacy Advisor.
More

US

In response to Equifax’s data breach, congressional Republicans have introduced a bill requiring the three major credit firms to submit regular cybersecurity reviews for the first time, The Wall Street Journal reports.
More

In a move that has been rumored since at least August, U.S. President Donald Trump has nominated antitrust attorney Joseph Simons to become chairman of the Federal Trade Commission, Reuters reports.
More

Starting Jan. 1, a new California state law will prohibit employers from asking potential applicants about their salary history and, if asked, the company must divulge the pay range for the job in question, SFGate reports.
More

Three towns in Pennsylvania have received attention from internet companies after announcing they are looking to pass laws that would prohibit internet service providers from sharing customers' personally identifiable information with advertisers without consent, Bucks County Courier Times reports.
More

AFRICA

Zimbabwe President Robert Mugabe announced that Patrick Chinamasa, formerly the minister of finance, will now head the new Cyber Security, Threat Detection, and Mitigation ministry in a recent cabinet reshuffling, Quartz reports.
More