Greetings from Maine! 

Happy New Year! How are those resolutions coming along? I opted to set intentions for the year instead of resolutions so there would be less guilt when one is inevitably broken before the end of January. 

Lawmakers have certainly set resolutions or intentions regarding privacy laws. A number of privacy laws have already been introduced. You can read more about them in last week’s letter.

At the federal level, while a comprehensive federal privacy legislation hasn’t yet been proposed by U.S. lawmakers, eyes are on the proposed American Innovation and Choice Online Act.

Earlier this week, Apple and Google pushed back against the proposed legislation, citing privacy concerns. Apple alleges there will be adverse impacts on its App Tracking Transparency framework — you can read more about that below.

While we don't typically discuss antitrust bills at great length watching yesterday's Senate Judiciary Committee's markup session of the proposed legislation was fascinating.

The committee advanced the bill with a 16-6 vote and only two amendments. Senators proposed 100 amendments to the bill but withdrew them with the caveat they would be discussed before the bill reaches the Senate floor.

One of the amendments revolved around transborder data flow and in its first draft, would have prevented "data on covered platforms from being transferred to foreign adversaries." The amendment was added to the bill after it was tightened to "only cover data transfers specifically to the government of China or to other foreign adversaries." The bill still has a way to go before advancing to the Senate floor for a vote and will likely face additional amendments along the way.  

The discussion on this topic is timely as it comes on the heels of the Austrian Data Protection Authority’s decision that using Google Analytics violates the EU General Data Protection Regulation.

The decision, in which the Austrian DPA found Google Analytics collects and transfers personal data to the U.S. while failing to protect it from U.S. government surveillance, is sending shockwaves through the privacy community. It's the first of 101 complaints filed across EU countries by advocacy group NOYB, and similar decisions could be forthcoming.

“The decision casts a dark cloud over any conceivable method of legally transferring data between the continents,” Goodwin Procter Partner and IAPP Senior Fellow Omer Tene told IAPP Staff Writer Jennifer Bryant, adding it will have “far-reaching implications.” “In the absence of a breakthrough in Privacy Shield negotiations, data transfers — and consequently international trade — between the EU and U.S. face a bleak future.”

In any event this is certainly something to watch in the data transfer landscape.

Stay warm this weekend.