Global News Roundup: March 16–22, 2021

In this week’s global legislative roundup, the Protect Personal Data Privacy Act has been introduced in Colorado, which includes data subject rights and consumer opt-outs for the sale, collection or use of data. Also in the U.S., a California Senate committee approved a bill requiring consumer notification of in-vehicle cameras. And the European Data Protection Supervisor recommended including specific provisions on the application of data protection law within legislative proposals for a European Health Union.

LATEST NEWS

The European Data Protection Supervisor issued Formal Comments on legislative proposals for a European Health Union, recommending specific provisions on applying data protection law.
More

The Protect Personal Data Privacy Act has been introduced in Colorado, including data subject rights and consumer opt-outs for the sale, collection or use of data.
More

California’s Senate Judiciary Committee approved a bill that would require notification to consumers at the time of purchase if a camera is installed inside a vehicle. The bill would also prohibit the use of video recordings for advertising or sale to third parties.
More

ICYMI

The Information Transparency and Personal Data Control Act, sponsored by Rep. Suzan DelBene, D-Wash., became the first piece of comprehensive privacy legislation introduced in the 117th U.S. Congress. In this Privacy Tracker piece, IAPP Senior Westin Research Fellow Müge Fazlioglu, CIPP/E, CIPP/US, broke down the details of DelBene’s bill and who has put their support behind the proposed legislation.
More

California approved new regulations implementing the California Consumer Privacy Act, including banning the use of “dark patterns.� Thompson Hine Partner Steven Stransky, CIPP/G, CIPP/US, looked at the regulations, including the ones covering opt-out notice requirements and consumer privacy requests.
More

Also in California, state officials announced the inaugural members of the California Privacy Protection Agency. IAPP Editorial Director Jedidiah Bracy, CIPP, detailed the appointments for The Privacy Advisor.
More

ENFORCEMENT

The European Data Protection Board released its 2021–22 Work Programme, which takes from the priorities laid out in its 2021–23 strategy, and outlines for areas of focus.
More

The European Parliament Committee on Civil Liberties, Justice and Home Affairs called for improved enforcement of the EU General Data Protection Regulation and data protection authorities to produce more materials to help with the implementation of the law.
More

France’s data protection authority, the Commission nationale de l’informatique et des libertés, announced an investigation into Clubhouse’s privacy compliance.
More

Norway’s Consumer Council is calling on dating app Grindr to “identify and delete illegally collected personal data” associated with privacy violations identified by Norway’s DPA, Datatilsynet.
More

ASIA-PACIFIC

The Indian government has not committed to a timeline on when the Personal Data Protection Bill will be introduced in Parliament, Medianama reports.
More

EUROPE

Der Standard reports NOYB Founder Max Schrems will have an appeal heard by Austria’s Supreme Court regarding his case alleging Facebook lacks explicit user consent for the use of personal data.
More

The U.K. Information Commissioner’s Office and the Secretary of State for the Department for Digital, Culture, Media and Sport agreed to a Memorandum of Understanding that acknowledges the roles both will play in carrying out adequacy assessments.
More

US

An amendment included in the U.S. Violence Against Women Reauthorization Act of 2021 addresses the exploitation of private images.
More

A bipartisan coalition led by U.S. Rep. John Curtis, R-Utah, refiled the Foreign Advanced Technology Surveillance Accountability Act for consideration by the House of Representatives, which would recognize and condemn human rights violations stemming from unreasonable or oppressive government surveillance while also requiring a report on whether countries have unlawfully obtained biometric or facial recognition data from other countries.
More

U.S. District Court Judge Lucy Koh dismissed some claims while allowing others to proceed in a privacy class-action related to Google’s Chrome browser data, Reuters reports.
More

A Washington federal judge ruled two nearly identical lawsuits against Amazon and Microsoft over alleged violations of Illinois’ Biometric Information Privacy Act will move forward, Reuters reports.
More

GUIDANCE

In France, the CNIL published a series of frequently asked questions about its amended guidelines and recommendations on cookies.
More

According to Sidley Austin’s Data Matters blog, Switzerland’s data protection authority, the Federal Data Protection and Information Commissioner, issued guidance on the updated Federal Act on Data Protection.
More

The U.K. ICO unveiled three data-sharing projects that have been added to its Regulatory Sandbox. The additions include initiatives on data sharing that promote improvements to driving safety, violence-related decision making and housing quality.
More

The U.S. Congressional Research Service released a report on the impact of the Court of Justice of the European Union’s “Schrems II” ruling. The report looks at EU laws governing international data transfers and reviews the U.S. surveillance laws that impact the court’s decision.
More