In this week's Privacy Tracker global legislative roundup, a look at highlights from the published California Consumer Privacy Act enforcement examples. The IAPP updated its tracker for CCPA and California Privacy Rights-related amendments. WhatsApp appealed its hefty EU General Data Protection Regulation fine from Ireland's Data Protection Commission. U.K. Information Commissioner Elizabeth Denham floated the idea of a global privacy accord. And Saudi Arabia approved privacy legislation.
THE LATEST
Denmark's data protection authority, Datatilsynet, issued a DKK 500,000 fine to the Region of Southern Denmark related to insufficient data security measures for personal data on its website.
More
A proposed digital identification bill in Jamaica, and its provisions for collection and access to personal data, is raising privacy concerns, The Rappler reports.
More
U.S. Chamber Technology Engagement Center Vice President John Crenshaw wrote an op-ed advocating for U.S. Congress to legislate on privacy and avoid a developing patchwork of federal and state privacy law.
More
ICYMI
For Privacy Perspectives, Sidley Austin Partner Alan Charles Raul analyzes privacy discussions and happenings around the world that highlight efforts toward commonality, convergence and harmonization.
More
Greenberg Traurig Of Counsel Darren Abernethy, CIPP/A, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPM, CIPT, FIP, PLS, provides 10 takeaways the office of the attorney general of California provided in their California Consumer Privacy Act case enforcement examples.
More
The IAPP updated its "CCPA-/CPRA-Related Legislation Tracker" to reflect recent updates from the California Legislature.
More
ENFORCEMENT
France's data protection authority, the Commission nationale de l’informatique et des libertés, announced the results of its second round of cookie compliance notices, noting 30 of the 40 notices issued were resolved.
More
The Irish Times reports WhatsApp filed its appeal of Ireland's Data Protection Commission's 225 million euro EU General Data Protection Regulation fine over various breaches of transparency principles.
More
Ireland's Data Protection Commission announced probes into alleged EU General Data Protection Regulation violations by TikTok. The DPC will examine potential breach of GDPR data-protection-by-design and -default requirements for minors' data while also investigating claims of unlawful data transfers to China.
More
Denmark’s data protection authority, Datatilsynet, recommended a fine of DKK 400,000 against the Central Jutland Region for not adequately protecting the region’s patient records stored in an archive with the Livstilscenter Brædstrup lifestyle center.
More
The U.K. Information Commissioner's Office fined three companies a combined 450,000 GBP after they sent more than 354 million nuisance messages without consumer consent.
More
The U.S. Federal Trade Commission announced approval of eight new compulsory process resolutions to enable higher caseloads. The commission also adopted a policy statement confirming health applications and connected devices that collect or use consumers’ health information must notify them in the event of a data breach in compliance with the Health Breach Notification Rule.
More
The Wall Street Journal reports the U.S. Securities and Exchange Commission reached a $10 million settlement with App Annie, a mobile applications analytics company, in relation to allegations of insufficient disclosure of data practices.
More
EU
European Commission President Ursula von der Leyen announced the introduction of a cybersecurity law for connected devices, Euractiv reports.
More
U.K. Information Commissioner Elizabeth Denham spoke with The Wall Street Journal on a number of hot-button topics in data protection, including consideration for a global privacy standard.
More
MIDDLE EAST
According to IndiaTV News, the Council of Ministers of Saudi Arabia approved the Personal Data Protection Law, which will take effect March 13, 2022.
More
US
A bill currently before Massachusetts’ Joint Committee on Education would update the state’s statute on student data privacy in K-12 schools, GBH News reports. The proposed bill would limit the ways online service vendors could use, share, sell or rent student data.
More
