This week’s Privacy Tracker global privacy legislative roundup includes highlights of exclusive coverage released in the past week on the recent European Court of Justice ruling on the Schrems case—including a blog post from Max Schrems himself. In U.S. legal news, read about some of the latest developments for the Cybersecurity Information Sharing Act and the Judicial Redress Act. In Germany, Parliament’s Lower House has voted to pass a new Data Retention Act, while in Japan, the National Diet has passed amendments to the 2003 Personal Information Privacy Act. And in Canada, read about provisions in Ontario's reintroduced legislation to amend the Personal Health Information Protection Act.
Latest News
Germany’s Lower House has voted to pass a new Data Retention Act that would implement mandatory metadata retention policies for service providers, ZDnet reports. The act has received recent criticism from Schleswig-Holstein's state commissioner for data protection, according to DataGuidance’s Privacy This Week.
The National Diet of Japan has passed amendments to the 2003 Personal Information Privacy Act intended to tighten privacy protections and facilitate use of big data, Winston & Strawn's Privacy Law Corner reports.
In the U.S., a task force for the National Association of Insurance Commissioners is seeking final approval for a cybersecurity “bill of rights” for policyholders, reports Law360.
U.S. Sen. Ed Markey (D-MA) has released a statement on the FAA’s recent announcement that it would be creating a task force to develop recommendations for a drone registration process. “Standards for informing the public and promoting accountability must be put in place now to protect safety and individual privacy as the drones are taking flight," Markey said.
The U.S. Department of Justice says the recent Safe Harbor ruling in the EU “has no bearing on [its] case” against Microsoft regarding a “warrant issued under the Electronic Communications Privacy Act to force the company to produce customer emails housed on a server in Ireland,” reports Law360.
The Hill reports the Cybersecurity Information Sharing Act (CISA) is scheduled for a final vote on Tuesday. CISA cleared its first hurdle last week as the Senate voted 83-17 to end debate on a package of amendments to the bill.
ICYMI
With the proposed EU General Data Protection Regulation right around the corner, "It's time for businesses to contemplate how to comply ... generally and specifically," SPQR Strategies' Tim Sparapani writes for Privacy Perspectives.
In this first in a series of posts for Privacy Tracker, Dentons Partner Timothy Banks, CIPP/C, CIPM, outlines provisions in Ontario's reintroduced legislation to amend the Personal Health Information Protection Act.
In this exclusive for Privacy Perspectives, Max Schrems analyzes what the European Court of Justice (ECJ) decision means for a new agreement many are calling "Safe Harbor 2.0." Editor's Note: Schrems is slated to speak at the IAPP Europe Data Protection Congress in Brussels in December during the breakout session, "Safe Harbor Postmortem: Schrems Reflects.”
Bird & Bird's Ruth Boardman and James Mullock, CIPP/E, address enforcement of the ECJ’s recent Safe Harbor ruling as well as some potential solutions in this first part in a series for The Privacy Advisor.
Stuart Ritchie examines the cause of Safe Harbor’s undoing in this exlusive for Privacy Perspectives.
In a development that demonstrates the ripple effect of the ECJ's Schrems decision, the Israeli Law, Information and Technology Authority revoked its prior authorization to transfer data from Israel to the U.S. that relied on Safe Harbor, The Privacy Advisorreports.
In this post for Privacy Perspectives, Brian Hengesbaugh, CIPP/US, offers five common myths about Safe Harbor in order to “set the record straight.”
Irish Data Protection Commissioner Helen Dixon will investigate Max Schrems' complaint about U.S. government access to Facebook data that led to the European Court of Justice’s landmark decision to overturn the Safe Harbor, Denis Kelleher writes for The Privacy Advisor.
In an exclusive for The Privacy Advisor,Sam Pfeifle examines the importance of the passage of U.S. HR 1428, also known as the Judicial Redress Act, for the EU-U.S. Umbrella Agreement and the creation of "Safe Harbor 2.0."
GLOBAL
U.S. Federal Trade Commission Bureau of Consumer Protection Director Jessica Rich has criticized EU data protection authorities for doing little to help crack down on violations of Safe Harbor, EUObserver reports.
U.S.
The House Energy and Commerce Committee's proposed auto legislation "would be a setback," Federal Trade Commissioner Terrell McSweeny writes for Wired.
The Federal Trade Commission has announced Sprint will pay $2.95 million to settle charges it violated the Fair Credit Reporting Act.
A federal judge has dismissed a proposed class-action lawsuit against Disney that alleged it shared customers' personal information with a third party in violation of privacy law, Courthouse News Service reports.
ASIA PACIFIC
Yonhap reports a Seoul court has ordered Google "to disclose the list of personal information it has shared with third parties, including a U.S. intelligence agency."
CANADA
Canadian Lawyer Magazine reports on the new tort of intrusion upon seclusion being "implicitly" recognized in Nova Scotia.
EU
The Wall Street Journal reports on the Article 29 Working Party’s highly anticipated guidance on the recent European Court of Justice decision that invalidated Safe Harbor.
Switzerland's Office of the Data Protection and Information Commissioner has ruled the Swiss-U.S. Safe Harbor Agreement is no longer a sufficient basis to transfer personal data to the U.S.