In this week’s Privacy Tracker legislative roundup, read about Italy's new law implementing the EU General Data Protection Regulation. In Kenya, officials note a data protection bill is expected to be introduced to Parliament, and, in South Africa, the constitutional court relied on the right to privacy in a case involving the decriminalization of marijuana for private use. Canada's privacy commissioner published guidelines for mandatory data breach reporting under the country's Personal Information and Electronic Documents Act. And two members of the U.S. House of Representatives have proposed a bill that would require online services to receive consumer opt-in before collecting and using data.
LATEST NEWS
Lexology reports that the Privacy Commissioner of Canada published guidelines on mandatory breach reporting under Canada’s Personal Information and Electronic Documents Act.
More
A government official confirmed Kenya’s Data Protection Bill is currently involved in stakeholder engagement and is expected to be presented to parliament for debate, XinhuaNet reports.
More
In South Africa, the Constitutional Court found the right to privacy extends beyond the boundary of a home and decriminalized the possession and cultivation of marijuana by adults for private consumption, News24 reports.
More
In Indiana, a South Bend city council is considering an ordinance to protect residents' privacy from camera-equipped drones and would apply to both hobbyist and certified operators, the South Bend Tribune reports.
More
ICYMI
In an article for Privacy Tracker, Miguel Recio writes on Spain’s recent adoption of a decree-law temporarily adapting its data protection legislation to the EU General Data Protection Regulation.
More
Rocco Panetta provides an analysis of Italy’s GDPR implementation law that went into effect in this article for Privacy Tracker.
More
US
Reps. Suzan DelBene, D-Wash., and Hakeem Jeffries, D-N.Y., have proposed a bill requiring online services to receive consumer opt-in before collecting and using data.
More
U.S. Senate Commerce Chairman John Thune, R-S.D., said Congress could take the lead in legislating consumer privacy ahead of the committee’s hearing with tech companies and telecom firms, Politico reports.
More
Sens. Jerry Moran, R-Kan., Richard Blumenthal, D-Conn., Roger Wicker, R-Miss., and Brian Schatz, D-Hawaii, have sent a letter to U.S. Secretary of Commerce Wilbur Ross stating they wish to be involved in the potential creations of a federal privacy law, Multichannel News reports.
More
Altaba CEO Thomas McInerney announced the holding company will pay a total of $47 million to settle three lawsuits related to Yahoo data breaches.
More
The U.S. Department of Health and Human Services' Office for Civil Rights has fined three Boston-area hospitals a combined $1 million for violating the Health Insurance Portability and Accountability Act after they allowed TV crews to film patients without their consent, HealthITSecurity reports.
More
In a case that established the threat of identity theft qualities as sufficient injury for giving data breach victims the right to sue, Remijas v. Neiman Marcus, U.S. District Judge Sharon Johnson Coleman rejected a proposed $1.6 million settlement, Reuters reports.
More
ASIA-PACIFIC
According to a senior IT ministry official, the Indian government is hoping to introduce a draft of the Personal Data Protection Bill, 2018, to Parliament in its upcoming winter session, Financial Chronicle reports.
More
CANADA
Information and privacy commissioners around Canada published a joint resolution calling for the federal government to require political parties to disclose the personal information they possess on voters, The Globe and Mail reports.
More
EUROPE
The U.K. Information Commissioner’s Office fined Equifax 500,000 GBP for the credit-monitoring firm’s 2017 data breach.
More
The U.K. Information Commissioner's Office has served data analytics firm AggregateIQ with the first-ever formal notice under the EU General Data Protection Regulation, BBC News reports.
More
MIDDLE EAST
Bloomberg Law reports on the Gulf’s newest nationwide data protection law, the Bahrain Personal Data Protection Law No. 30 of 2018.
More