Partisan split on federal US privacy law hinders progress

(Feb 19, 2019) The Wall Street Journal reports U.S. lawmakers continue to be divided on what form a federal U.S. privacy law should take. The partisan split stems from Republicans who seek national rules to override state laws and Democrats who do not want a federal law to replace stronger legislation found on the state level. “The fact that — even after many hearings last year on the misuse of personal data — not one consensus bill has been introduced is telling,” Georgetown Law Institute for Technology and P... Read More

US Senate confirms Barr amid privacy concerns

(Feb 15, 2019) The Senate voted to confirm U.S. President Trump’s nominee William Barr as the next head of the Department of Justice, replacing Attorney General Jeff Sessions, TechCrunch reports. Privacy advocates have criticized Barr’s nomination, raising concerns that if confirmed, he could expand the country’s surveillance practices. Sen. Ron Wyden, D-Ore., said, “Based on his own testimony, it is clear that Mr. Barr has fundamental problems with the Fourth Amendment, or at least its application to anything... Read More

Molloy to step down as NL privacy commissioner

(Feb 15, 2019) Newfoundland and Labrador Information and Privacy Commissioner Donovan Molloy will step down from his position to become a territorial judge in the Northwest Territories, CBC News reports. N.L. House Speaker Perry Trimper said a committee will be formed to find an acting commissioner and, ultimately, Molloy’s replacement. "Donovan Molloy has done a great job in this role and while I'm sad to see him go, I've come to know him well enough to know how excited he is about the opportunity in the Nort... Read More

Ceredigion council accidentally leaks personal data through website

(Feb 14, 2019) Sensitive information was found to have been exposed on the Ceredigion council’s website, BBC News reports. The council’s audit committee was told 98 exempt documents were published when the website was designed back in 2013; however, the breach was only discovered last August. Ceredigion Senior Customer Contact Officer Arwyn Morris said the most sensitive information leaked was the health information that belonged to eight citizens. The U.K. Information Commissioner’s Office is expected to rele... Read More

Irish DPC concerned with waste companies' data-collection plans

(Feb 14, 2019) The Irish Data Protection Commissioner expressed its concerns about private waste companies that plan to collect customers’ Eircodes and pass them to local councils in order to identify homes without private waste collectors, the Irish Independent reports. The Dublin City Council has placed bylaws in place for the plan, and a spokesman for the Department of the Environment said local authorities had permission to gather the data. The DPC said it was not consulted on the proposal, which could ope... Read More

ICO releases Brexit checklist for law enforcement

(Feb 14, 2019) The U.K. Information Commissioner’s Office has released a checklist for law enforcement authorities to follow in the event the U.K. leaves the European Union without a data deal. The checklist is broken down into five steps. The ICO advises law enforcement to continue to comply with Part 3 of the Data Protection Act 2018, review all their documentation, and educate staff members on “the ongoing importance of data protection compliance, as well as specific implications for data flows.” The checkl... Read More

Dispatch from Paris: DPAs are flooded with complaints

(Feb 13, 2019) If there was a takeaway from the IAPP Data Protection Intensive — Paris session, "The Regulators' View," it was surely this: The General Data Protection Regulation has created massive shifts in how data protection authorities in the EU must budget, staff, prioritize and operate.  At the event here in Paris Wednesday, Cathal Ryan, assistant commissioner at the Data Protection Commission in Ireland, said the most obvious change is the sheer workload. For example, now that the Article 29 Working P... Read More

Dispatch from Paris: DPAs are overwhelmed with complaints

(Feb 13, 2019) If there was a takeaway from the IAPP Data Protection Intensive — Paris session, "The Regulators' View," it was surely this: The General Data Protection Regulation has created massive shifts in how data protection authorities in the EU must budget, staff, prioritize and operate. At the event here in Paris Wednesday, Cathal Ryan, assistant commissioner at the Data Protection Commission in Ireland, said the most obvious change is the sheer workload. Michael Kaiser, data protection officer at the H... Read More

GOP senators mull centralized government cybersecurity authority

(Feb 13, 2019) Senate Homeland Security Chairman Ron Johnson, R-Wis., and Sen. Mike Rounds, R-S.D., told The Washington Post they are considering how they might establish a centralized government authority for cybersecurity issues. At present, responsibility for the U.S. government's cybersecurity is spread throughout government agencies, potentially creating gaps for adversaries to exploit via hacking government agencies or infrastructure. A potential solution would ensure that DHS, the Department of Defense ... Read More

Judge rules documents in Facebook encryption case must remain sealed

(Feb 13, 2019) U.S. District Judge Lawrence O’Neill ruled against two bids to have documents unsealed that described efforts by the U.S. government to have Facebook decrypt voice conversations on its Messenger app, Reuters reports. Law enforcement asked Facebook to decrypt the conversations as part of its investigations into the MS-13 gang. The American Civil Liberties Union argued the public’s right to know about encryption laws outweighed any criminal investigation. O’Neill ultimately ruled to keep the docum... Read More