In this week’s Privacy Tracker global legislative roundup, IAPP Senior Westin Fellow Müge Fazlioglu, CIPP/E, CIPP/US, looks at the Court of Justice of the European Union’s highly anticipated ruling on the scope of consent requirements with respect to cookie compliance. Latham & Watkins Partner Tim Wybitul, CIPP/E, writes about a new EU General Data Protection Regulation fine structure in Germany. The Greek Parliament passed national legislation supplementing the GDPR. The Finnish Presidency of the Council of the European Union has released the latest version of the proposed ePrivacy Regulation, and the sources close to negotiations in Washington said a federal U.S. privacy law is unlikely to appear before Congress this year.
LATEST NEWS
A Canadian man who was a victim of the Capital One data breach has called for stricter privacy laws following the incident.
More
Israel‘s Central Elections Committee limited the amount of information political parties could access from September’s Knesset election.
More
Public consultation in Parliament has begun on the Zimbabwe Media Commission Bill, which would repeal the country’s Access to Information and Protection of Privacy Act.
More
An Ohio court ruled news media organizations do not have the right to the high school records of the Dayton gunman.
More
ICYMI
The Court of Justice of the European Union issued highly anticipated ruling on the scope of consent requirements with respect to cookie compliance, establishing that consent cannot validly be obtained through the use of pre-checked boxes. IAPP Senior Westin Fellow Müge Fazlioglu, CIPP/E, CIPP/US, takes a look at the key points and the unresolved issues from the CJEU’s decision in this piece for Privacy Tracker.
More
In this piece for Privacy Perspectives, privacy attorney Joseph Jerome, CIPP/US, explains why a private right of action should not be an all-or-nothing proposition for a federal U.S. privacy law.
More
The Cyberspace Administration of China released the final version of the “Measures on Online Protection of Children’s Personal Data,” which went into effect Oct. 1. Fangda Partners’ Gil Zhang, CIPP/A, CIPP/E, CIPM, FIP, and Kate Yin look at the differences between China’s law, the U.S. Children’s Online Privacy Protection Act and the EU General Data Protection Regulation in this piece for The Privacy Advisor.
More
The joint coordination body of the German data protection authorities, the DSK, has recently set out a new model for calculating GDPR fines, which, if adopted and applied, is likely to lead to high GDPR fines. Latham & Watkins Partner Tim Wybitul, CIPP/E, takes a look at the fine structure and how it may be applied to various GDPR violations in this piece for The Privacy Advisor.
More
The IAPP has revised its cookie guidance chart to include information from the German conference of supervisory authorities.
More
On Aug. 27, the Greek Parliament passed national legislation supplementing the GDPR. In this piece for Privacy Tracker, EY IT, IP and Data Protection Law Manager Antonios Broumas, CIPP/E, takes a look at the structure of Law 4624/2019, the main provisions and highlights of the bill and the penalties organizations may face for violations.
More
In this piece for The Privacy Advisor, Santa Clara Law Privacy Program Co-Director and Privacy Fellow Lydia de la Torre, CIPP/US, and AppreniLabs Attorney Jennifer Sheridan, CIPP/US, break down some of the myths around the records threshold found within the California Consumer Privacy Act.
More
ASIA-PACIFIC
Legislation before the Australian federal Parliament would allow government agencies to access facial-recognition images from a national database.
More
Singapore’s Personal Data Protection Commission has released a revised version of its “Guide to Notification.�
More
CANADA
The Information and Privacy Commissioner of Yukon determined Environment Yukon must release harvest data from hunting outfitters.
More
EUROPE
Denmark‘s Data Protection Agency announced it has changed its practices on the publishing of images.
More
The Finnish Presidency of the Council of the European Union has released the latest version of the proposed ePrivacy Regulation.
More
The European Data Protection Board released its opinion on the draft list submitted by the Slovakian data protection authority on what is subject to a data protection impact assessment under the GDPR.
More
The U.S. and U.K. reached an agreement to share electronic data to help law enforcement agencies with criminal investigations.
More
A recent brief released by the Atlantic Council’s Future Europe Initiative explores the existing trans-Atlantic data-transfer mechanisms, the court case that could invalidate them and the different approaches the European Union and United States have for transborder data transfers and privacy standards.
More
The Court of Justice of the European Union ruled individual countries can force online platforms to take down and restrict access to certain content.
More
US
Sources close to negotiations in Washington said it is unlikely a federal U.S. privacy law will appear before Congress before the end of the year.
More
U.S. Sen. Mark Warner, D-Va., believes there is bipartisan agreement that a federal privacy law is a necessity, but a law alone is “not sufficient.”
More
A bipartisan group of senators asked the Federal Trade Commission to avoid weakening U.S. child privacy laws.
More
Software company FaceFirst is working with lawmakers on a draft bill to regulate facial-recognition technology.
More
U.S. Sen. Rand Paul, R-Ky., introduced a bill that would remove the national patient identifier language from the Health Insurance Portability and Accountability Act.
More
