Nigeria and Turkey are both considering government-proposed legislation that would require service providers to turn over to law enforcement customers’ data upon request—with fines, and possible jail time for executives, for noncompliance in Nigeria. In the U.S., senators are addressing breach response and online privacy concerns with bills of their own as the fallout continues from the Target and Neiman Marcus breaches as well as the Snowden revelations. And in Australia, the deadline for the Australian Privacy Principles looms large. The Privacy Tracker’s weekly legislative roundup covers all this and more.
This Privacy Tracker post from the Hogan Lovells privacy team explores the impact two proposed privacy laws would have on organizations that provide digital products and services to Brazilian consumers. The Marco Civil da Internet would establish data protection requirements and preserve net neutrality, and the Data Protection Bill would establish an EU-style framework for the processing of personal data. These laws have been in limbo for the past few years, but will the fallout from U.S. government surveillance practices be the inspiration Brazilian lawmakers need to pass provisions, including some that would restrict cross-border data transfers?
While industry leaders at the World Economic Forum in Davos, Switzerland, called for new rules surrounding data protection, the U.S. Supreme Court announced it will hear two cases involving warrantless searches by law enforcement of suspects’ cellphones. And, the U.S. Federal Trade Commission announced settlements with 12 companies over false claims of alignment with Safe Harbor rules. In this Privacy Tracker roundup, learn about these as well as bills being considered by U.S. state legislatures, how Obama’s NSA plans may affect EU law and more.
This week’s Privacy Tracker legislative roundup includes legislation introduced in both Missouri and Kansas aiming to protect electronic communications and data from government intrusion. This comes after an Arizona representative announced she will propose legislation to effectively ban the National Security Agency from that state. The roundup also includes news of Pennsylvania considering an expansion of its DNA collection to those arrested for felonies and misdemeanors that require registration as sex offenders and the release of a new draft of the Data Protection Bill in the Cayman Islands.
In this week’s Privacy Tracker legislative roundup, see BakerHostetler’s year-in-review on international privacy laws and read about cases you may have missed while enjoying the holiday season. For example, a U.S. District Court has deemed a Florida drug-screening law unconstitutional; U.S. Magistrate Judge Laurel Beeler ruled in the Hulu privacy lawsuit that no proof of injury is needed for viewers to recover damages, and the U.S. Federal Trade Commission settled with Accretive Health over the company’s failure to protect consumer data. Also, read about the contradicting rulings over the NSA’s data collection practices.
France is receiving criticism for a new law expanding government agencies’ access to Internet data; a European Court of Justice advocate has deemed the data retention directive in violation of citizens’ fundamental privacy rights, and in the U.S., a petition to update the Electronic Communications Privacy Act has received more than 100,000 signatures. This week, Privacy Tracker reports on these developments as well as new administrative measures for Chinese credit reference agencies, U.S. states’ challenges to NSA surveillance and new fining powers for the Dutch data protection authority.
This week’s Privacy Tracker legislative roundup includes the IAPP’s coverage of the European Commission’s report critiquing the EU-U.S. Safe Harbor agreement and offering the U.S. 13 ways to save it, and insight from Eduardo Ustaran, CIPP/E, on the report. You’ll also find information on the United Nation’s approval of an unlawful surveillance resolution, why India may have to wait a little longer for a privacy law and South Africa’s new law. In the U.S., more regions are considering social media laws and DNA databases, and courts have decided cases relating to COPPA and consumer privacy.
In the U.S., FTC v. Wyndham will decide whether the company’s “failure to safeguard personal information caused substantial consumer injury” and whether the FTC even has the authority to regulate data security; the GAO is pushing for comprehensive federal law governing the collection, use and sale of personal data by businesses, and Sen. Franken is calling for regulation over biometric data before the horse leaves the barn. In the EU, the debate over Safe Harbor continues, with Albrecht and Reding saying EU residents need to be able take data privacy complaints to U.S. courts. The Office of the Australian Information Commissioner (OAIC) has released the final set of Australian Privacy Principles that cover access to and correction of personal information, and in Canada learn about Alberta’s need to create a new Privacy Act and why Bill C-30 is back in the news. All this and more, in this week’s Privacy Tracker legislative roundup.
In the wake of news that the Supreme Court of Canada has deemed the Alberta Personal Information Protection Act (PIPA) unconstitutional, Shaun Brown of nNovation analyzes what the decision means for the province in this Privacy Tracker exclusive. “It was inevitable that freedom of expression would eventually clash with privacy legislation in the courts,” writes Brown, adding that the ruling was “not surprising.” The broad “prohibition-first” approach of PIPA means “there are bound to be certain purposes that maybe should be exempted from the requirement to obtain consent but could not be conceived by legislatures when privacy laws were initially drafted,” Brown says.
The Supreme Court of Canada, in a unanimous ruling, has determined that the Alberta privacy law is unconstitutional and has given the province one year to amend it; A federal judge in Vermont has ruled there can be no expectation of privacy when it comes to data exposed online via a peer-to-peer file-sharing network, and the New Zealand Parliament has voted down a bill that would have given the privacy commissioner increased powers. Meanwhile, the FTC has asserted its power over parental-consent methods, Brazil is calling for a crackdown on government surveillance and Italy’s data protection authority and intelligence department have entered into a cooperation protocol. This week’s Privacy Tracker roundup has these stories and more.