Global News Roundup: Jan. 5–11, 2021

In this week’s global legislative roundup, India’s Personal Data Protection Bill, 2019 is expected to be tabled in the upcoming Budget session. Germany’s State Commissioner for Data Protection in Lower Saxony issued its highest EU General Data Protection Regulation fine to date. And in the U.S., legislators have reintroduced privacy bills in Washington and New York states.

LATEST NEWS

The final draft of India’s Personal Data Protection Bill, 2019 will likely be tabled during the Budget session of Parliament beginning Jan. 29, the Economic Times reports.
More

The U.S. Federal Deposit Insurance Corporation, Department of the Treasury, and Federal Reserve System issued a notice of proposed rulemaking Dec. 18 for a 36-hour data breach reporting requirement.
More

The Washington Senate Committee on Environment, Energy & Technology will hold a public hearing Jan. 14 on the revamped Washington Privacy Act.
More

A bill currently residing in the New York State Assembly would require companies to disclose deidentification methods, place safeguards around data sharing, and fund an office dedicated to privacy and data protection.
More

ENFORCEMENT

France’s data protection authority, the Commission nationale de l’informatique et des libertés, fined two doctors 3,000 and 6,000 euros, respectively, for not sufficiently protecting patients’ personal data in violation of two articles of the EU General Data Protection Regulation.
More

The CNIL also fined Perfomeclic 7,300 euros and fined meal delivery company Nestor 20,000 euros, both for violations of the Postal and Electronic Communications Code and the GDPR.
More

Germany’s State Commissioner for Data Protection in Lower Saxony issued a 10.4 million euro fine to retailer notebooksbilliger.de for monitoring its employees over a two-year span without a legal basis.
More

Germany’s Federal Network Agency, Bundesnetzagentur, imposed a fine of 145,000 euros against call center Cell It for unauthorized telephone advertising.
More

Indonesia’s Ministry of Communication and Information Technology published its draft “2020–2024 Strategic Plan.”
More

Italy’s data protection authority, the Garante, launched an online service to help simplify compliance in the event of a data breach. The service includes access to a notification model and self-assessment procedure.
More

Norway’s data protection authority, Datatilsynet, fined Gveik AS NOK 75,000 for processing data for a credit assessment without a legal basis.
More

Poland’s data protection authority, UrzÄ…d Ochrony Danych Osobowych, announced a PLN 1 million fine against ID Finance Poland for insufficient data security measures that led to a data breach.
More

The U.K. High Court ruled general warrants cannot be used to conduct mass surveillance, Forbes reports.
More

The U.K.’s Information Commissioner’s Office sentenced a motor industry employee to eight months in prison and a suspension for two years for violating the Computer Misuse Act.
More

The U.S. Federal Trade Commission announced a $650,000 settlement with toy manufacturer VTech Electronics for violations of the Children’s Online Privacy Protection Act and FTC Act.
More

ASIA-PACIFIC

The Civil Code of the People’s Republic of China went into effect Jan. 1, China Daily reports.
More

South Korea’s Personal Information Protection Committee released the final draft of amendments to the Personal Information Protection Act 2011 for public consultation.
More

MIDDLE EAST

Israel’s Privacy Protection Authority, Competition Authority, and Consumer Protection and Fair Trade Authority have published a policy paper on the main considerations to be taken into account for adopting data portability rights.
More

EU

The Portuguese Presidency of the Council of the European Union published the latest draft of the proposed ePrivacy Regulation, according to Covington’s “Inside Privacy” blog.
More

US

The California Supreme Court heard oral arguments in a case alleging that recording a phone conversation without consent is a violation of state privacy law, Bloomberg Law reports.
More

An update to Illinois’ Student Online Personal Protection Act will enable parents to review and correct their child’s data that is held by schools or affiliated online services and request its removal in some instances, WSIU Public Broadcasting reports.
More

New York lawmakers introduced the Biometric Privacy Act. The proposed bill would require private entities in possession of biometric information to develop written policies outlining data retention and deletion schedules, as well as obtain consent before sharing any data.
More

The Kansas Legislature is considering rewriting a law that allows an individual exposed to COVID-19 to refuse to disclose close contacts to health officials, as Republicans say they want to ensure privacy remains protected, The Associated Press reports.
More

Photo by Francis Valadj from FreeImages