Global News Roundup: May 11–17, 2021

In this week’s global legislative roundup, the Irish High Court dismissed all of Facebook’s procedural complaints in a preliminary decision from Ireland’s Data Protection Commission regarding data transfers from the EU to the U.S. The Privacy and Personal Information Protection Amendment Bill 2021 was introduced in New South Wales, Australia, and lawmakers in Ecuador approved the Draft Data Protection Bill. In the U.S., Republican lawmakers in Nevada introduced a bill that would tighten restrictions on how personal data can be collected from websites operated by government entities.

LATEST NEWS

In the U.S., Republican lawmakers in Nevada introduced a bill that would tighten restrictions on how personal data can be collected from websites operated by government entities and require certain websites to post notices on data-tracking and opt-out capabilities, according to U.S. News & World Report.
More

U.S. Senate Intelligence Committee Chairman Mark Warner, D-Va., said there is “broad bipartisan support� among the committee and legislators for enacting legislation on reporting cyber breaches, The Hill reports.
More

ICYMI

The IAPP published for the Resource Center a table listing the various derogations under Article 49 of the EU General Data Protection Regulation, including conditions for using the derogations, examples of data types that may or may not be used in each situation, and additional requirements and factors to consider when transferring data.
More

Beginning March 27, Russia enhanced personal data subjects’ rights by changing fines and extending the limitation period for data-related breaches. Gorodissky & Partners Lawyer Nikita Maltsev breaks down the revamped slate of fines and new limitation period under the federal law.
More

IAPP Westin Fellow Sarah Rippy takes a look at U.S. state-level bills that have strict opt-in and opt-out requirements, as well as those that take a hybrid approach for The Privacy Advisor.
More

ENFORCEMENT

The Office of the Privacy Commissioner of Canada dismissed claims against political parties alleging violations of the Personal Information Protection and Electronic Documents Act.
More

The Dutch data protection authority, Autoriteit Persoonsgegevens, fined Locatefamily.com 525,000 euros for publishing individuals’ addresses and telephone numbers without their knowledge and not having a data representative in the EU, in violation of the GDPR.
More

Italy’s DPA, the Garante, announced TikTok will take additional measures to keep users under the age of 13 off the application.
More

Norway’s DPA, Datatilsynet, fined the Norwegian Sports Confederation NOK 1.25 million for breaches of the Privacy Ordinance in testing a cloud solution that exposed the personal information of 3.2 million Norwegians for 87 days.
More

Hamburg’s DPA, the Commissioner for Data Protection and Freedom of Information, banned Facebook from processing personal data from German WhatsApp users after deeming its new terms of service as illegal, Reuters reports.
More

ASIA-PACIFIC

The Privacy and Personal Information Protection Amendment Bill 2021 was introduced in New South Wales, Australia, which amends the Privacy and Personal Information Protection Act 1998 to require public sector agencies to notify the Office of the Australian Information Commissioner of a data breach.
More

Queensland, Australia, is considering a law that would require companies to report a data breach to the OAIC, ABC News reports.
More

CANADA

Privacy Commissioner of Canada Daniel Therrien shared his submission on Bill C-11, which would revamp the country’s federal privacy law.
More

EUROPE

The European Parliament Committee on Civil Liberties, Justice and Home Affairs asked the European Commission to amend its U.K. adequacy decision.
More

The committee also issued an opinion on the Data Governance Act, featuring areas where the DGA can be improved on.
More

The Irish High Court dismissed all of Facebook’s procedural complaints in a preliminary decision from Ireland’s Data Protection Commission regarding data transfers from the EU to the U.S.
More

LATIN AMERICA

During a session of the Plenary of the National Assembly, lawmakers approved Ecuador’s draft Data Protection Bill.
More

US

The California Assembly passed Assembly Bill 1262, which aims to limit voice data retention by smart speaker developers. The bill is now under Senate consideration.
More

CBS Chicago reports Illinois Senate Bills 2339 and 2340 passed the House Judiciary Criminal Committee. The bills seek to strengthen the privacy of sexual assault victims and their case files.
More

The Colorado Privacy Act will be discussed at a Senate Appropriations Committee hearing May 14 after it was passed through the Colorado Senate Business, Labor & Technology Committee, according to Husch Blackwell’s “Byte Back.”
More

A bill allowing warrantless surveillance of cellphone data unanimously passed the North Carolina House of Representatives, The News & Observer reports. 
More

U.S. Sens. Ed Markey, D-Mass., and Bill Cassidy, R-La., introduced the Children and Teens’ Online Privacy Protection Act, which aims to modernize provisions of the Children’s Online Privacy Protection Act.
More