Global News Roundup: June 1-7, 2021

In this week’s Privacy Tracker global legislative roundup, the European Commission released updated standard contractual clauses for transfers of personal data. IAPP Senior Westin Research Fellows Jetty Tielemans and Müge Fazlioglu, CIPP/E, CIPP/US, took a dive into the provisions found in the approved text for the ePrivacy Regulation. IAPP Editorial Director Jedidiah Bracy talked federal privacy legislation with U.S. Rep. Suzan DelBene, D-Wash. And the Colorado General Assembly is a step closer to passing its comprehensive privacy bill.

THE LATEST

The Colorado House of Representatives approved the second reading of Senate Bill 190, the Colorado Privacy Act, June 4. The bill currently sits on the House’s third reading calendar and awaits a subsequent vote to pass. IAPP Staff Writer Joe Duball recapped SB 190’s developments prior to the second reading.
More

St. Louis Public Radio reports the Board of Aldermen in St. Louis, Missouri, will begin debating a bill that seeks to increase transparency at the law enforcement’s crime center and other city surveillance programs.
More

ICYMI

IAPP Senior Westin Research Fellows Jetty Tielemans and Müge Fazlioglu, CIPP/E, CIPP/US, offered an overview of key provisions within the ePrivacy Regulation text approved by the EU’s Council of Ministers earlier this year.
More

In the latest edition of The Privacy Advisor Podcast, IAPP Editorial Director Jedidiah Bracy, CIPP, caught up with U.S. Rep. Suzan DelBene, D-Wash., to talk about her proposed federal privacy bill, the state of play on Capitol Hill and what it will take for the U.S. to finally pass comprehensive privacy legislation.
More

ENFORCEMENT

The European Commission adopted two sets of standard contractual clauses. The new SCCs include a set for controllers and processors and another for transferring data to third countries.
More

The European Data Protection Board published its “Annual Report 2020,” recapping the work it conducted related to the COVID-19 pandemic and the materials it produced following the Court of Justice of the European Union’s “Schrems II” ruling.
More

France’s data protection authority, the Commission nationale de l’informatique et des libertés, called for changes or alternatives to U.S.-supplied “collaborative tools” used by French colleges and universities.
More

Hamburg’s Commissioner for Data Protection and Freedom of Information released a questionnaire to test whether a data transfer from the German state complies with the EU General Data Protection Regulation and the “Schrems II” ruling from the Court of Justice of the European Union.
More

The U.K. Information Commissioner’s Office announced a 10,000 GBP fine against the Conservative Party for sending 51 unlawful marketing emails in July 2019.
More

ASIA-PACIFIC

Australia’s Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 would give federal law enforcement the ability to modify and delete data by accessing warrants, take over online accounts of suspected criminals and more, Information Age reports.
More

The proposed Shenzhen Special Economic Zone Data Regulation, which would forbid applications from targeting Chinese users under 18, has been updated to classify minors’ personal data as “sensitive,� South China Morning Post reports.
More

A new law in Hong Kong that would require people to provide their real name and personal details to register mobile phone numbers, including prepaid SIM cards, is raising surveillance concerns, The Wall Street Journal reports.
More

EUROPE

European Commission Vice President for Values and Transparency Věra Jourová said the U.S. must pass new laws before a data transfer deal is made with the EU, Politico reports.
More

Denmark’s data protection authority, Datatilsynet, requested public comments on topics to be included in upcoming guidance for data processing related to direct marketing activities.
More

France’s data protection authority, the Commission nationale de l’informatique et des libertés, announced a public consultation on a draft framework for processing minors’ data in relation to the social and medical care sectors.
More

The U.K. Information Commissioner’s Office opened a public consultation on the opening chapter of its draft guidance for anonymization, pseudonymization and privacy-enhancing technologies.
More

LATIN AMERICA

Brazil’s data protection authority the Autoridade Nacional de Proteção de Dados, published guidelines on the definitions for controller, processor and data protection officer under the General Data Protection Law.
More

US

Politico reports U.S. President Joe Biden seeks to secure a “political agreement” with the European Union to help facilitate a data transfer deal, according to five people with knowledge of the conversations. Politico also broke down how the prospects of the U.S. passing a federal privacy law during the Biden administration. 
More

Reuters reports the Supreme Court of the United States overturned a violation of the Computer Fraud and Abuse Act, placing limits on what types of activities the law covers.
More

The County Council in King County, Washington, banned the use of facial recognition information or technology by the Sheriff’s Office and other county agencies, The Seattle Times reports.
More