In the U.S., Kentucky has become the 47th state to pass a breach notification bill and Wisconsin has passed a social media law and expanded the collection of DNA from arrested individuals. The U.S. House passed bipartisan legislation aiming to protect information held in vehicle event data recorders; the Canadian Senate is considering the Digital Privacy Act, offering new protection for consumers and increased powers for the federal privacy commissioner, and the Court of Justice of the EU invalidated the EU Data Retention Directive. In this week’s Privacy Tracker legislative roundup, read more about all these developments and also what the FTC v. Wyndham decision may, or may not, mean for the future of U.S. privacy regulation.
Privacy laws are being considered in nations across the globe, and this week’s Privacy Tracker legislative roundup has updates on many of them. Brazil’s Chamber of Deputies has passed the Internet bill of rights—without its controversial local data storage provision; India has exempted government intelligence agencies from its draft law; Australia’s Senate is looking at a mandatory breach notification bill, and in Ireland, a bill intending to give adopted children identity rights is raising questions over parental privacy rights. In the U.S., Sen. Al Franken (D-MN) has proposed an updated version of his location privacy bill, and states continue to discuss issues surrounding student privacy and breach notification, among others.
French data protection authority the CNIL has received remote inspection abilities under a law passed last week, adding to the growth the agency has seen recently. In the U.S., the New Jersey Supreme Court has unanimously ruled that police wiretap warrants apply to phones in other states, and the Illinois Supreme Court has deemed its stringent eavesdropping law unconstitutional. In Hawaii and Kentucky, privacy bills have stalled out, and in Delaware, a lawmaker has proposed legislation that mimics California’s “eraser law.” Meanwhile, the Australian Privacy Principles continue to make headlines, and questions remain over the Philippines’ new cybercrime law. Read about these developments and more in this week’s Privacy Tracker roundup.
While U.S. federal lawmakers struggle to find the right balance on data breach notification, state legislators are offering up bills to protect consumers from tracking through cellphones, smart meters and license plates, and one company is pushing back against Utah’s license-plate privacy law, saying it infringes on First Amendment rights. This Privacy Tracker weekly roundup covers all this and more, including the FTC, G29 and APEC announcement of a cross-border data transfer tool at the IAPP’s Global Privacy Summit last week and the Mexican DPA’s warning of an “abundance” of fines to come.
In this Privacy Tracker legislative roundup, read about privacy concerns related to Brazil’s proposed Internet privacy law and one Turkey’s president recently signed into law, and get some insight on complying with South Africa’s new law. In the U.S., states are moving along bills to prevent revenge porn in Illinois and protect readers’ privacy in New Jersey and student privacy in Wyoming and Kansas, among others. Also, the Massachusetts Supreme Court has determined that police need to get a warrant in order to collect cellphone location data over a period of time.
Nigeria and Turkey are both considering government-proposed legislation that would require service providers to turn over to law enforcement customers’ data upon request—with fines, and possible jail time for executives, for noncompliance in Nigeria. In the U.S., senators are addressing breach response and online privacy concerns with bills of their own as the fallout continues from the Target and Neiman Marcus breaches as well as the Snowden revelations. And in Australia, the deadline for the Australian Privacy Principles looms large. The Privacy Tracker’s weekly legislative roundup covers all this and more.
In the U.S., eight states have been in the news for movement on drone legislation. While most are fairly similar, bills in California and Utah put restrictions on use and retention of the data, and one of the two drone bills in front of the Georgia House focuses on a 100-foot “protected zone.” In Montana, a suicide review board has been given authorization to begin looking into the healthcare records of suicide victims in an attempt to lower the incidents in the state, causing some privacy concerns. And Maine has opted for a study instead of furthering a social media privacy bill. Read about these developments and more in this week’s Privacy Tracker legislative roundup.
Looking at the federal and state bills being introduced in the U.S., this Privacy Tracker weekly roundup reports on lawmakers’ efforts to get privacy-protecting laws on the books; however, FTC Commissioner Maureen Ohlhausen has called for legislators to look to existing laws, saying “We simply do not need new talk, new laws or new regulations.” Also take a look at new compliance hurdles for organizations in Canada and Australia as new laws are set to roll out in those countries. Also, in the EU, the LIBE has published amendments it would like to see in the Network and Information Security Directive.
While much happened this week in privacy news; the NSA’s surveillance was deemed likely unconstitutional, consent was declared dead, the data broker industry was put on notice by a U.S. senator and the EDPS released its 2014 inventory, the news that hit home for us was that Peter Fleischer and two other Google executives were acquitted in Italy’s Supreme Court after an eight-year battle over whether they were legally responsible for content that users uploaded to Italy’s version of YouTube. Back in the day, the implications of this case were a little scary for privacy pros around the globe, and it seems now it’s finally over. Take a look at this and all the week’s developments in privacy law in this Privacy Tracker weekly roundup.
The Supreme Court of Canada, in a unanimous ruling, has determined that the Alberta privacy law is unconstitutional and has given the province one year to amend it; A federal judge in Vermont has ruled there can be no expectation of privacy when it comes to data exposed online via a peer-to-peer file-sharing network, and the New Zealand Parliament has voted down a bill that would have given the privacy commissioner increased powers. Meanwhile, the FTC has asserted its power over parental-consent methods, Brazil is calling for a crackdown on government surveillance and Italy’s data protection authority and intelligence department have entered into a cooperation protocol. This week’s Privacy Tracker roundup has these stories and more.