Global News Roundup July 22, 2019

In this week’s Privacy Tracker global legislative roundup, the U.S. Federal Trade Commission, along with the U.S. Consumer Financial Protection Bureau and all 50 U.S. states, settled with Equifax for $575 million related to its 2017 data breach. Separately, the FTC voted 3-2 to fine Facebook $5 billion, though the Department of Justice is reviewing the proposed settlement. The FTC is also preparing to make amendments to the Children’s Online Privacy Protection Act and is expected to settle with YouTube over alleged privacy violations. The Council of the European Union is set to review the EU General Data Protection Regulation. Turkey’s Personal Data Protection Board filed decision summaries on a handful of cases. A review of Australia’s Assistance and Access Act showed compatibility issues with U.S. and European data laws. In the U.S., North Dakota is set to conceal communications records of state agency leaders. And the Westin Research Center has updated its state privacy law comparison table.

THE LATEST

Kazakhstan is enforcing a new law that allows the government to monitor citizens’ internet use by way of a decryption certificate.
More

A misdemeanor court in Ras Al Khaimah of the United Arab Emirates ordered a woman to pay a Dh 3,000 fine for transferring and copying text messages from her husband’s phone without his consent.
More

The U.S. Federal Trade Commission has finalized a settlement with Google in its investigation into YouTube for violating the Children’s Online Privacy Protection Act.
More

The FTC also agreed to a $700 million settlement with Equifax for its 2017 breach that affected 147 million Americans.
More

Advocacy groups are imploring the U.S. lawmakers to allow consumer and privacy groups to have a bigger role in crafting a federal privacy law.
More

The California Supreme Court has ruled that private postings from social media companies can be used by the defense in a gang-related murder trial.
More

Under a new law that takes effect Aug. 1, North Dakota state agency leaders won’t be required to share their communications with lawmakers even if an open records request is submitted to their department.
More

A federal lawsuit in Washington regarding the disclosure and use of patient records collected by the Clark County Sheriff’s Office during the search of a treatment center was dismissed after parties agreed to table the case.
More

ICYMI

The IAPP reported on the aftermath of Facebook being hit with its $5 billion fine by the U.S. Federal Trade Commission. Editor Angelique Carson, CIPP/US, wrote for The Privacy Advisor on whether the settlement has meaning toward further regulation of big tech. Also, Associate Editor Ryan Chiavetta, CIPP/US, provided a roundup of reactions from U.S. lawmakers in a piece for Privacy Tracker.

The Westin Research Center updated its U.S. State Comprehensive Privacy Law Comparison table. A new map was also created to track the progress of state privacy legislation.
More

APAC

The Law Council of Australia found the country’s Assistance and Access Act is unlikely to be compatible with the U.S. Clarifying Lawful Overseas Use of Data Act and the EU General Data Protection Regulation.
More

There are proposed revisions to China’s Personal Information Security Specification that would prohibit data collection for contractual purposes.
More

EUROPE

The Council of the European Union will prepare an evaluation of the implementation of the GDPR by the end of the year.
More

Georgia Institute of Technology Scheller College of Business Professor of Law Peter Swire writes in a piece for Le Monde that the Court of Justice of the European Union and other European officials should be cautious of the ramifications that may stem from the “Schrems II” case.
More

The European Data Protection Board released its 2018 annual report and asked for comments on its recently adopted guidelines for processing personal data using video devices.
More

The Turkish Personal Data Protection Board published five decision summaries, including one on a fine of TL 50,000 to a data controller for its failure to install appropriate measures to prevent improper access and processing of personal data.
More

US

The U.S. Court of Appeals for the 8th Circuit denied immunity to Arkansas police officers accused of privacy violations after a reality TV star’s confidential records were released.
More

A class-action lawsuit was filed against Saporito Finishing alleging violation of the Illinois Biometric Information Privacy Act.
More

AT&T filed a motion with the U.S. District Court in Maryland to have a lawsuit regarding geolocation data disclosure sent to arbitration.
More

The U.S. Federal Trade Commission announced it will accept comments on the effectiveness of amendments made to the Children’s Online Privacy Protection Rule back in 2013.
More

With various limiting factors in play, the window is closing for the U.S. Congress to pass a consumer privacy bill.
More

Verizon Media Group CEO Guru Gowrappan said a federal U.S. privacy law is needed to address concerns around 5G technology.
More