Global News Roundup: Sept. 28–Oct. 5, 2020

In this week’s global legislative roundup, Israel’s Privacy Protection Authority announced data transfers from Israel to the United States can no longer rely on the EU-U.S. Privacy Shield agreement following the Court of Justice of the European Union’s “Schrems II” ruling and the state of data protection in Ukraine is placed under the microscope. Gov. Gavin Newsome, D-Calif., made decisions on several bills, including one involving the California Consumer Privacy Act and another on the use of social media by children under the age of 13.

ICYMI

IAPP Vice President and Chief Knowledge Officer Omer Tene explores the scope and limits of the Israel Privacy Protection Authority’s decision that data transfers from Israel to the United States can no longer rely on the EU-U.S. Privacy Shield agreement following the Court of Justice of the European Union’s “Schrems II” ruling.
More

PrivatBank’s Artem Kobrin, CIPP/E, Dmitry Korchynskyi, CIPP/E, and Legal Nodes’ Vladislav Nekrutenko, CIPP/E, explain the current state of personal data protection in Ukraine and what can be done to change the paradigm after attempts to get its data protection system in line with international and European standards failed to gain traction.
More

ENFORCEMENT

Colombia‘s data protection authority, the Superintendencia de Industria y Comercio, announced a fine of 200,004,519 pesos to Sodimac Colombia for consumer privacy violations.
More

Colombia‘s DPA also ratified security orders against Uber related to its 2016 data breach.
More

In Germany, Hamburg‘s data protection authority, the Commissioner for Data Protection and Freedom of Information, announced a 35.3 million euro fine against retailer Hennes & Mauritz for unlawful employee-monitoring practices.
More

Italy‘s data protection authority, the Garante, issued a pair of fines for violations of the EU General Data Protection Regulation.
More

The U.S. Department of Health and Human Services’ Office for Civil Rights announced a $6.85 million fine to Premera Blue Cross over Health Insurance Portability and Accountability Act violations that led to its 2015 breach.
More

Anthem agreed to pay $39.5 million as part of a settlement with U.S. state attorneys general over a 2015 data breach, Reuters reports.
More

ASIA-PACIFIC

According to China‘s National Financial Standardization Technical Committee, the People’s Bank of China released its “Financial Data Security — Data Security Classification Guidelines.”
More

Japan’s data protection authority, the Personal Information Protection Commission, released information on enacted amendments to the Act on the Protection of Personal Information.
More

CANADA

Privacy Commissioner of Canada Daniel Therrien took part in a meeting of the Committee on Institutions of the National Assembly of Quebec regarding potential amendments to the province’s privacy legislation.
More

EUROPE

The Centre for Information Policy Leadership released a white paper on the future of cross-border data transfers under the EU General Data Protection Regulation following the Court of Justice of the European Union’s “Schrems II” ruling.
More

European Commission Executive Vice President Margrethe Vestager said a revamped data transfer mechanism could be ready by Christmas, Reuters reports.
More

The European Commission drafted logistics for an EU Digital Identity for the use of public and private services across the bloc.
More

The French data protection authority, the Commission nationale de l’informatique et des libertés, announced the adoption of cookies guidelines and recommendations in accordance with June’s order from France’s Council of State, the Conseil d’État.
More

Switzerland‘s Parliament voted to adopt the revisions to the country’s Federal Act on Data Protection.
More

LATIN AMERICA

The Brazilian Chamber of Deputies is currently considering a bill that would add data localization requirements to the country’s General Data Protection Law.
More

Mexican Senate Majority Leader Ricardo Monreal said he wants to include rules regulating the use of wiretaps and other surveillance in a judicial reform bill, Reuters reports
More

US

The U.S. government released a white paper detailing the limits and safeguards pertaining to its access to data in response to the Court of Justice of the European Union’s “Schrems II” ruling.
More

Gov. Gavin Newsom, D-Calif., signed off on a bill prohibiting the Employment Development Department from continuing to mail individuals’ full Social Security numbers.
More

Newsom also made decisions on two other bills, one involving the California Consumer Privacy Act and another on children’s use of social media.
More

A bill introduced in New Jersey would offer protections for the families of federal judges.
More