Greetings from Portsmouth, New Hampshire!
I am about to go on my annual vacation with my family, and each year I find myself in the same state of reflection, mainly around how little time I actually take off. I've only taken one personal day so far this year, and it's always the same refrain. I promise myself I'll take more time during the first half of each year, and then I, well, don't. We should all try and take more time for ourselves during the year when we can. It's good for us.
There will always be plenty of privacy news to dive into when we get back.
Today is the first anniversary of the Court of Justice of the European Union's "Schrems II" ruling, and in case you've taken the complete opposite approach and took the last 365 days off, chances are you have seen references to this case on a daily basis.
And for good reason. The CJEU's ruling threw EU-U.S. data transfers in disarray and only recently has the fog begun to lift. New standard contractual clauses were adopted by the European Commission, which is obviously a plus. On the other hand, a replacement for the EU-U.S. Privacy Shield replacement remains the next shoe to drop.
It will likely take some time, but recent comments from U.S. Department of Commerce Deputy Assistant Secretary for Services Christopher Hoff may offer a little bit of good news. During a recent IAPP LinkedIn Live event, Hoff said negotiations between the EU and U.S. on a new Privacy Shield have progressed beyond the starting line.
Remember, European Union Justice Commissioner Didier Reynders said the next Privacy Shield is years, not months, away. While a new data-sharing agreement may not be coming by the end of summer, privacy professionals should be at least a little bit heartened to hear negotiations aren't at square one.
Another item to keep an eye on came from the Office of the California Attorney General. The agency updated its frequently asked question page on the California Consumer Privacy Act. The attorney general said the Global Privacy Control browser signal "must be honored by covered businesses as a valid consumer request to stop the sale of personal information."
If you don't know what the GPC is, make sure to check out my story on the attorney general's move below. Privacy professionals should familiarize themselves with the GPC. The recently minted Colorado Privacy Act essentially adopted the concept of the GPC, and given California's influence on state privacy legislation to date, it's likely the GPC will be incorporated into future privacy laws in some form.
Enjoy the week, everyone.
If you want to comment on this post, you need to login.