Lawmakers recently released a draft of proposed legislation that would enact as law much of the Cybersecurity Framework from the National Institute of Standards and Technology.
With new definitions of sensitive data, public data and privacy notice, and requirements for privacy policies and children’s data, among others, Colombia’s new data protection law “followed closely the European regulatory model on data protection matters.” Colombia joins Argentina, Mexico, Uruguay, Peru, Costa Rica and Nicaragua in Latin American countries whose regulations have followed the EU model.
A British Columbia, Canada, court has sided with patient privacy over the right to access, EU ministers are considering allowing states to determine their own fining regimes and Croatia has joined the EU meaning it will need to implement the directive.
Research reports on calls to hold off on the proposed Application Privacy, Protection and Security (APPS) Act. The Marketing Research Association (MRA) is concerned the act would empower the Federal Trade Commission (FTC) “to define what the term ‘personal data’ meant, as the MRA had already seen in a previous act’s amendment debate that the FTC thought this meant that almost any piece of information could be personally identifiable,” the report states.