In this week’s Privacy Tracker legislative roundup, read about the latest actions by U.S. states on social media and student privacy as well as the details of and reactions to Advocate General Yves Bot’s opinion to the European Court of Justice and its potential implications for the EU-U.S. Safe Harbor Agreement. There’s also the latest on the CNIL, France’s Data Protection Authority, and its rejection of an appeal from Google on its right-to-be-forgotten ruling. Plus, find out why India’s government has withdrawn its proposed encryption legislation, and hear from the experts why Chinese privacy law matters.

Latest News

Qatar has reinforced its cybercrime law with the government’s approval of “an amendment that criminalizes photographing those who are injured or killed in accidents and posting them on social media,” Asia Media International reports.

ADVERTISEMENT

Radarfirst- Looking for clarity and confidence in every decision? You found it.

The Electronic Privacy Information Center has filed a Freedom of Information Act lawsuit against the U.S. Coast Guard and the Department of Homeland Security over a program that tracks and records boaters’ locations, WND reports.

JDSupra examines Delaware’s recently enacted “package of statutes governing the collection, storage and use of the personal information of Delaware residents by websites, Internet and cloud service providers and Internet and mobile applications.”

The National Law Review reports on Maine’s new employee social media privacy law, which goes into effect on October 15.

In Wyoming, proposed legislation "would bar school district employees from requiring students to provide them access to social media accounts, smartphones or other personal digital information,” Wyoming Public Radio reports.

ICYMI

Now that the advocate general to the European Court of Justice (ECJ) has declared his opinion that Safe Harbor is invalid, what happens next? Brian Hengesbaugh, CIPP/US, Amy de La Lama, CIPP/US, and Harry Valetk, CIPP/US, look at what the opinion means, where it goes wrong and what the future likely holds for Safe Harbor and those companies that rely on it in this exclusive for Privacy Tracker.

Denis Kelleher, author of Privacy and Data Protection Law in Ireland, writes for Privacy Tracker about what makes the Schrems case so interesting

IAPP VP of Research and Education Omer Tene discusses why the advocate general’s (AG’s) opinion is not good for privacy, writing, "Brought to its logical conclusion, the AG's decision proves too much" in this post for Privacy Perspectives.

Tiffany Li, CIPP/E, CIPP/US, CIPM, CIPT, and Zhou Zhou provide a basic privacy practitioner's guide to privacy law in China in this first installment of a series for The Privacy Advisor.

U.S.

The Phoenix Center's Lawrence J. Spiwak echoes Federal Trade Commissioner Maureen Ohlhausen's sentiments on the FTC's recently released Statement of Enforcement Principles Regarding 'Unfair Methods of Competition' Under Section 5 of the FTC Act in a blog post for The Hill.

U.S. District Court Judge Edward Davila has given LinkedIn's proposed $1.25 million settlement of a 2012 class-action suit final approval, Media Post reports.

In an interview with CSM Passcode, Microsoft Executive Vice President and General Counsel Brad Smith talks about the ongoing litigation with the U.S. Department of Justice over emails stored in Ireland and the importance of security equilibrium.

Jeff Kosseff, CIPP/US, formerly with Covington & Burling and now an assistant professor at the U.S. Naval Academy, writes for TechCrunch on the need for comprehensive reform of cybersecurity law in the U.S.

ASIA PACIFIC

After much criticism, India’s government has pulled its draft encryption legislation, Digit reports.

EU

The French data protection authority, the CNIL, has rejected an appeal by Google on the so-called right to be forgotten, The New York Times reports.

Research from Queen Mary University of London's School of Law and lawyers at Pinsent Masons indicates the General Data Protection Regulation (GDPR) "will require big improvements to organisations' computer security," Computing reports.

ITProPortal examines the GDPR's implications for protecting employee data.

AFP reports a Moscow city court has fined Google nearly 800,000 euros for allegedly violating the privacy of a Russian citizen through its targeted advertising.

An attorney for the Belgium Privacy Commission has told a judge not to be intimidated by Facebook in a case in which the commission is trying to require the company to change its privacy policy for Belgian citizens, Bloomberg Business reports.