fbpx

Free tools and resources for Data Protection Officers!

Category Archives for "Legislation"

House Lawmakers Target Autumn for Data Privacy Bill

As talks on a data privacy bill reportedly lose steam in the Senate, two Democratic House aides familiar with ongoing discussions said the House Energy and Commerce Committee is targeting the end of September or early October to introduce its own version of privacy legislation.

Both aides said discussions have started about what a bill could look like, with plans for the consumer protection subcommittee chaired by Rep. Jan Schakowsky (D-Ill.) to head up the effort. The sources said their offices have yet to see a draft of the bill language.

Full article: House Lawmakers Target September, October for Data Privacy Bill, Aides Say

California Considers Amending New Privacy Law

The California senate judiciary committee is expected to consider amendments that could significantly water down the state’s landmark privacy law.

One of the amendments would revise the definition of “de-identified” data to include material that is not “reasonably linkable” to a particular consumer. That would make the law more friendly to online marketers by exempting IP addresses, device identifiers and other pseudonymous identifiers from the material covered by the measure.

Another proposed amendment would weaken a provision that prohibits companies from charging higher prices to consumers who opt out of data collection and selling.

Source: California Considers Amending New Privacy Law 07/09/2019

Why Is America So Far Behind Europe on Digital Privacy?

Americans have been far too vulnerable for far too long when they venture online.

It’s taken more than a decade of shocking revelations — of data breaches
and other privacy abuses — to get to this moment, when there finally seems to be enough momentum to pass a federal law.

Full article: Opinion | Why Is America So Far Behind Europe on Digital Privacy? – The New York Times

The EU Cybersecurity Act Introduces Certifications and the New Cybersecurity Agency

On June 27, 2019, the EU Regulation on Information and Communication Technology (Cybersecurity Act or Act) became effective introducing, for the first time, EU-wide rules for the cybersecurity certification of products and services (Certification).

he Certification may create a competitive advantage for companies that sell their products and services in the EU. Further, the Certification may act as a catalyst to the anticipated certifications for GDPR-compliance.

In addition, the Cybersecurity Act provides for a new permanent mandate for the EU Agency for Cybersecurity (ENISA) with new responsibilities.

Source: The EU Cybersecurity Act Introduces Certifications and the New Cybersecurity Agency

German Bundestag approves 2nd German Data Protection Adaptation Act

On 28 June 2019, the German Bundestag passed the 2nd German Data Protection Act (“2nd DSAnpUG”) which will amongst other things further adapt the German Federal Data Protection Act („BDSG“), the German Federal Registration Act (“BMG”), the German Act on the Federal Office for Security in Information Technology (“BSI-Act”) and the Act on the Establishment of a Federal Institute for Digital Radio of Authorities and Organizations with Security Responsibilities (“BDBOS-Act”) to the provisions of the General Data Protection Regulation („GDPR“).

Full article: German Bundestag approves 2nd German Data Protection Adaptation Act (“2nd DSAnpUG”): Summary of significant changes for German data protection laws.

Cookie consent – What “good” compliance looks like according to the ICO

On 3 July 2019, the UK data protection authority (the ICO) updated its guidance on the rules that apply to the use of cookies and other similar technologies.

The ICO has also changed the cookie control mechanism on its own website to mirror the changes in the new guidance.

Full article: Cookie consent – What “good” compliance looks like according to the ICO

New rules for biometric EU identity and residence cards given final approval

The European Union’s Council has approved new rules for biometric fingerprint and photo security features of identity and residence cards, as proposed by the European Commission.

The biometric features of European ID cards will be stored on a contactless chip, making them similar in security to passports.

Source: New rules for biometric EU identity and residence cards given final approval | Biometric Update

Pressure mounts on patchwork data privacy laws across US states

Enterprise resistance to tightening data privacy standards is increasing in the US, as states develop their own online data protection laws.

Among the nation’s most stringent restrictions upon ISPs (internet service providers), a law put in place in Maine last month prevents companies from using, selling or sharing consumer data without the data owner’s consent.

Source: Pressure mounts on patchwork data privacy laws across US states

Facebook and Google could be forced to tell you how much your data is worth under new US legislation

Tech companies like Facebook and Google could be forced to reveal how much individual users’ data is worth to them under new legislation in the US, according under new legislation in the US.

Putting a dollar figure on how much people’s data is worth is unlikely to be straightforward for the companies involved and the bill could provoke opposition.

Source: Facebook and Google could be forced to tell you how much your data is worth under new US legislation | Business Insider India

Navigating Privacy and Data Security Issues in Mergers, Acquisitions and Other Transactions

This article discusses how legal frameworks involving U.S. federal and state law, the EU General Data Protection Regulation, antitrust law and other relevant legal regimes may affect how a company can use personal information following a transaction.

The article also addresses key questions companies should ask during the due diligence process, how answers to those questions impact the deal documents and offers post-closing strategies companies should consider.

Source: Navigating Privacy and Data Security Issues in Mergers, Acquisitions and Other Transactions

>