Tag Archives: Legislation

Colombia Designates U.S. as “Adequate” Data Transfer Nation

On August 14, 2017, the Colombian Superintendence of Industry and Commerce announced that it was adding the United States to its list of nations that provide an adequate level of protection for the transfer of personal information. This development should help facilitate the transfer of personal information from Colombia to the United States.… Continue Reading

Washington Becomes Third State to Enact Biometric Privacy Law

On May 16, 2017, the Governor of the State of Washington, Jay Inslee, signed into law House Bill 1493, which sets forth requirements for businesses who collect and use biometric identifiers for commercial purposes. The law will become effective on July 23, 2017. Washington becomes the third state to pass legislation regulating the commercial use of biometric identifiers.… Continue Reading

Amended Oregon Law Reinforces Importance of Adhering to Privacy Policies

On May 25, 2017, Oregon Governor Kate Brown signed into law H.B. 2090, which updates Oregon’s Unlawful Trade Practices Act by holding companies liable for making misrepresentations on their websites or in their consumer agreements about how they will use, disclose, collect, maintain, delete or dispose of consumer information.… Continue Reading

CNIL Unveils 2017 Inspection Program and 2016 Annual Activity Report

On March 28, 2017, the French Data Protection Authority published its Annual Activity Report for 2016 and released its annual inspection program for 2017. The Report presents the main accomplishments in 2016 and highlights the diversified activity at both the national and EU level with the adoption of two major pieces of legislation.… Continue Reading

Australia Enacts New Data Breach Notification Law

On February 13, 2017, the Parliament of Australia passed legislation that amends the Privacy Act of 1988 and requires companies with revenue over 3 million AUD (2.3 million USD) to notify affected Australian residents and the Australian Information Commissioner in the event of an "eligible data breach."… Continue Reading

House of Representatives Passes Email Privacy Act

On February 6, 2017, the House of Representatives suspended its rules and passed by voice vote H.R 387, the Email Privacy Act. The Email Privacy Act now moves to the Senate, where it will be considered by the Senate Judiciary Committee. … Continue Reading

Email Privacy Act Reintroduced in Congress

On January 9, 2017, Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO) reintroduced the Email Privacy Act, which would amend the Electronic Communications Privacy Act to require government entities to obtain a warrant, based on probable cause, before accessing the content of any emails or electronic communications stored with third-party service providers, regardless of how long the communications have been held in electronic storage by such providers.… Continue Reading

Chile Expected to Consider New Data Protection Legislation

On January 3, 2017, as reported in Bloomberg Law: Privacy and Data Security, Chilean legislators are soon expected to consider a new data protection law which would impose new privacy compliance standards and certain enforcement provisions on companies doing business in Chile. … Continue Reading

UK Parliament Approves Investigatory Powers Bill

On November 16, 2016, the UK Investigatory Powers Bill was approved by the UK House of Lords. The draft of the Bill has sparked controversy, as it will hand significant and wide-ranging powers to state surveillance agencies, and has been strongly criticized by some privacy and human rights advocacy groups. … Continue Reading

Russia Set to Block Access to LinkedIn

On November 10, 2016, Moscow’s Court of Appeal upheld a lower court’s decision that LinkedIn violated Russia’s data localization law requiring Russian personal data to be stored within Russian territory. Roskomnadzor, Russia’s data protection authority, is now set to block access to the social media website across Russia.… Continue Reading

NHTSA Releases New Automobile Cybersecurity Best Practices

The National Highway Safety Administration (“NHTSA”) recently issued non-binding guidance that outlines best practices for automobile manufacturers to address automobile cybersecurity. The guidance, entitled Cybersecurity Best Practices for Modern Vehicles (the “Cybersecurity Guidance”), was recently previewed in correspondence with the House of Representatives’ Committee on Energy and Commerce (“Energy and Commerce Committee”).… Continue Reading

NHTSA Set to Release New Automobile Cybersecurity Best Practices

On October 14, 2016, the National Highway Transportation Administration indicated in a letter to Congress that it intends to issue new best practices on vehicle cybersecurity. This letter came in response to an earlier request from the House Committee on Energy and Commerce that NHTSA convene an industry-wide effort to develop a plan to address vulnerabilities posed to vehicles by On-Board Diagnostics ports. … Continue Reading

CJEU Rules That Dynamic IP Addresses Are Personal Data

On October 19, 2016, the Court of Justice of the European Union issued its judgment in Patrick Breyer v. Bundesrepublik Deutschland, following the Opinion of Advocate General earlier this year. The CJEU followed the Opinion of the Advocate General and declared that the dynamic IP address of a website user is considered personal data.… Continue Reading

Final Rules for the Data Privacy Act Published in the Philippines

Recently, the National Privacy Commission of the Philippines published the final text of its Implementing Rules and Regulations of Republic Act No. 10173, known as the Data Privacy Act of 2012. The IRR has a promulgation date of August 24, 2016, and went into effect 15 days after the publication in the official Gazette. … Continue Reading

OMB Updates Federal Information Management Policies

The Office of Management and Budget recently issued updated information management policies for the U.S. federal government. The updated policies are intended "to reflect changes in law and advances in technology, as well as to ensure consistency with Executive Orders, Presidential Directives, and other OMB policy."… Continue Reading
LexBlog