fbpx

Download free GDPR compliance checklist!

Category Archives for "Legislation"

Portland, Oregon Becomes First Jurisdiction in U.S. to Ban the Commercial Use of Facial Recognition Technology

On September 9, 2020, Portland, Oregon became the first jurisdiction in the country to ban the commercial use of facial recognition technology in public places within the city, including stores, restaurants and hotels.

The city Ordinance was unanimously passed by the Portland City Council and will take effect on January 1, 2021. Beginning January 1, 2021, “private entities” will be prohibited from using “face recognition technologies” in “places of public accommodation” within Portland, except (1) to the extent necessary to comply with federal, state or local laws; (2) for user verification purposes to access the user’s own personal or employer-issued communication and electronic devices; or (3) in automatic face detection services in social media applications.

Source: Portland, Oregon Becomes First Jurisdiction in U.S. to Ban the Commercial Use of Facial Recognition Technology

Swiss Privacy Regulator Rules U.S.-Swiss Privacy Shield Not Adequate

On the heels of the Court of Justice of the European Union’s decision in Schrems II, Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) has determined that the U.S.-Swiss Privacy Shield does not meet the “requirements of adequate data protection as defined by the FADP (Swiss Federal Act on Data Protection).”

It issued a policy paper offering advice on transferring data to countries not on its list of nations with adequate safeguards.

Source: Swiss Privacy Regulator Rules U.S.-Swiss Privacy Shield Not Adequate

Portland City Council Votes to Ban Facial Recognition

The Portland City Council has passed two ordinances banning the use of facial recognition.

One ordinance prohibits the city from using facial recognition. A second ordinance prohibits private companies from using facial recognition in public spaces. Thus Portland joins a growing list of cities that have banned the facial recognition technology, including Boston, Oakland, and San Francisco.

Source: Portland City Council Votes to Ban Facial Recognition

The EDPB launches a public consultation on its draft guidelines on the concepts of controller and processor

EDPB has published new draft guidelines on the concepts of controller and processor which aim at replacing the previous opinion from the Article 29 Working Party  (WP169).

This document thus intends to clarify the definition of the concepts of controller, joint controller, processor, third party and recipient of data, by illustrating them with concrete examples within different sectors. It also aims at specifying the obligations that are attached to these qualifications.

Following the public consultation and after analyzing the contributions received, the final version of the guidelines will be adopted by the EDPB.

Source: The EDPB launches a public consultation on its draft guidelines on the concepts of controller and processor

CNIL issues new guidance on data retention

The French Supervisory Authority CNIL in July has issued new updated guidelines on data retention.

These Guidelines aim at providing practical tools to help defining the relevant rules to organize data retention and accordingly the retention period applicable for each step of the personal data processing life cycle so that the personal data are not kept indefinitely.

Source: FRANCE: NEW GUIDANCE FOR DATA RETENTION

Commission will ‘not exclude’ potential ban on facial recognition technology

The European Commission has not ruled out a future ban on the use of facial recognition technology in Europe, as the EU executive mulls the findings of a recent public consultation on Artificial Intelligence.

Speaking to MEPs on the European Parliament’s Internal Market Committee on 3 September, Kilian Gross of the Commission’s DG Connect said that all options were still on the table.

Should a potential ban on facial recognition technologies in public places ever manifest in the EU, it would provide clarity on an issue long debated by the Commission.

Source: Commission will ‘not exclude’ potential ban on facial recognition technology – EURACTIV.com

European Parliament Held Meeting on Future of EU-U.S. Data Flows

On September 3, 2020, the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament held a meeting to discuss the future of EU-U.S. data flows following the Schrems II judgment of the Court of Justice of the European Union (CJEU).

In addition to Members of the European Parliament , the meeting’s participants included Justice Commissioner Didier Reynders, European Data Protection Board (EDPB) Chair Andrea Jelinek and Maximilian Schrems. Importantly, Commissioner Reynders stated during the meeting that the new Standard Contractual Clauses might be adopted by the end of 2020, at the earliest.

Source: European Parliament Meeting on Future of EU-U.S. Data Flows

Amazon and FedEx Push to Put Delivery Robots on Your Sidewalk

The companies are backing bills in more than a dozen states that would legalize the devices. Some bills would block cities from regulating them at all.

Lawmakers and lobbyists in several states that considered robot delivery bills said representatives for Amazon and FedEx seemed open to discussions and changes in the bills. Scott Mooneyham, of the North Carolina League of Municipalities, contrasts that approach with the early actions of scooter companies, which became notorious for dropping their electric devices on public sidewalks without giving local officials prior warning.

Full article: Amazon and FedEx Push to Put Delivery Robots on Your Sidewalk | WIRED

Tech Firms Filing to Go Public Warn Investors of Shifts in Privacy Rules

Several tech companies that filed to go public over the past week warned investors that fast-changing legal frameworks to protect consumer privacy could threaten their bottom lines.

New laws and recent court decisions around the world raise questions for businesses that rely on harvesting customer information, analyzing data and transferring it across borders, the companies said in filings with the Securities and Exchange Commission.

The firms told investors that expanding privacy regulations could force them to pay more fines, shuffle their global operations or even rethink business strategies.

Source: Tech Firms Filing to Go Public Warn Investors of Shifts in Privacy Rules

California to limit use of photos of deceased

The California Senate on Friday approved a bill that would make it a crime for first responders to take pictures of dead people for reasons other than official investigations.

The measure, which was proposed by the Los Angeles County Sheriff’s Department, would make it a misdemeanor for a law enforcement official to photograph a deceased person at a crime or accident scene unless required for an official investigation, punishable by up to a year in jail and up to $1,000 in fines.

Source: Kobe Bryant crash site photos prompt tougher California law – Los Angeles Times

>