In this week’s Privacy Tracker weekly legislative roundup, read about the Irish High Court’s decision in Irish Data Protection Commissioner v. Facebook and Max Schrems, why the case is important and what to expect next. Also in the EU, the LIBE vote on the ePriavcy Directive has been delayed. In Kuwait, the Constitutional Court has overturned a law requiring DNA collection from all citizens and resident foreigners. In Sri Lanka, the Supreme Court will take up a case challenging a national database on citizens. In the U.S., federal lawmakers are considering the Secure and Protect Americans’ Data Act, the TSA Modernization Act, legislation designed to overhaul aspects of Section 702 of the Foreign Intelligence Surveillance Act, and support for a federal data breach notification standard may be growing. 

LATEST NEWS

The Supreme Court of Canada unanimously ruled to give former Indian residential school system students 15 years to decide whether they want their stories preserved in government archives, reports the Ottawa Star.
More

Kuwait’s Constitutional Court has overturned a law requiring DNA collection from all citizens and resident foreigners, reports Ars Technica.
More

SC Magazine reports that Russian laws enabling the faster blocking of proxies and mirrors of banned websites are now in effect, with a law blocking VPNs to go into effect Nov. 1.
More

Sri Lanka's Supreme Court will take up a case petitioning efforts by the Department of Registration of Persons to create a national database on citizens, reports Economy Next.
More

U.S. Rep. Jan Schkowsky, D-Ill., has re-introduced the Secure and Protect Americans’ Data Act, which would set security standards and rules for breach notification, reports The Atlanta Journal-Constitution.
More

Forbes reports that U.S. Sen. John Thune, R-S.D., has introduced the TSA Modernization Act, which would see facial recognition technology introduced at airport security lines, baggage drops and more.
More

Cases addressing the privacy concerns of biometric data use are moving quickly in Illinois as other states consider laws similar to its Biometric Information Privacy Act, reports Hunton & Williams’ Privacy & Information Security Law Blog.
More

The Daily Beast reports, a Texas judge has ruled that sharing voters’ personal data with President Trump’s voter fraud commission violates the states privacy laws.
More

A bill in front of the Wisconsin Assembly aims to create a statewide policy for making public the recordings made with police body cameras, reports the Associated Press.
More

ICYMI

The big vote on the ePrivacy Regulation in the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs will be delayed by at least a week. IAPP European Correspondent Jennifer Baker has the details, plus new opinions from Parliament's Legal Affairs and Industry, Research and Energy committees, as well as extensive ePrivacy criticism from the European Data Protection Supervisor. 
More

The Irish High Court decision in Irish Data Protection Commissioner v. Facebook and Max Schrems (aka “Schrems 2.0”) has put the validity of standard contractual clauses in doubt. IAPP Westin Fellow Muge Fazlioglu, CIPP/US, reports for The Privacy Advisor on the case and what’s next.
More

In Data Protection Commission v. Facebook & Schrems, Irish High Court Judge Caroline Costello concurred with the Data Protection Commissioner that “there are well founded grounds for believing that [standard contractual clause] decisions are invalid …” Denis Kelleher, CIPP/E, analyzes the judgment and what it means for The Privacy Advisor.
More

IAPP Westin Fellow Lee Matheson, CIPP/US, writes for The Privacy Advisor about the complex background of “Schrems 2.0” and its potential to jeopardize continued trans-Atlantic data flows from the European Union to the United States.
More

In Bărbulescu v. Romania, the European Court of Human Rights affirmed the right of employers to monitor employees’ online activities and electronic communications subject to certain restrictions. Federica De Santis, CIPP/E, and Karen Neuman of Goodwin write for Privacy Tracker on the ruling and the impacts it may have.
More

GLOBAL

At last week's 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong, a group of data protection authorities from around the world agreed upon a resolution urging relevant stakeholders to implement data protection controls in autonomous vehicles.
More

US

Several U.S. lawmakers unveiled legislation designed to overhaul aspects of Section 702 of the Foreign Intelligence Surveillance Act, Reuters reports.
More

In the wake of the Equifax breach, bipartisan support for a federal data breach notification standard may be growing, The Hill reports.
More

Following the Equifax data breach, the Trump administration is looking for ways to replace Social Security numbers as the primary method of identity verification, Bloomberg reports.
More

ASIA PACIFIC

Australian Prime Minister Malcolm Turnbull announced that a facial recognition matching agreement has been reached among federal, state and territory leaders at the Council of Australian Governments to update existing practices of data sharing between agencies, the Guardian reports.
More

Speaking at the iappANZ 2017 Summit in Sydney, Australian Information and Privacy Commissioner Timothy Pilgrim released data on the number of privacy complaints his office received this past year, ZDNet reports.