In this Privacy Tracker post, Timothy Banks of Dentons Canada looks at the government’s proposed Bill C-13, which attempts to grant law enforcement enhanced surveillance powers. “The proposed legislation has been promoted by the government as ‘anti-cyberbullying’ legislation; however, the new offence of unlawful distribution of intimate images is a small component of a suite of provisions intended to expand law enforcement tools to investigate online crime.” Noting that previous attempts at increasing surveillance powers have met criticism from federal and provincial privacy commissioners, Banks writes that this bill “is much more respectful of privacy rights than previous attempts by Canada’s Harper government. However, the recent attempt to stifle debate in the House of Commons certainly could be interpreted as the government remaining uncomfortable with scrutiny of these provisions.”
In the U.S., Kentucky has become the 47th state to pass a breach notification bill and Wisconsin has passed a social media law and expanded the collection of DNA from arrested individuals. The U.S. House passed bipartisan legislation aiming to protect information held in vehicle event data recorders; the Canadian Senate is considering the Digital Privacy Act, offering new protection for consumers and increased powers for the federal privacy commissioner, and the Court of Justice of the EU invalidated the EU Data Retention Directive. In this week’s Privacy Tracker legislative roundup, read more about all these developments and also what the FTC v. Wyndham decision may, or may not, mean for the future of U.S. privacy regulation.
The Dutch Parliament has approved the use of drones for video surveillance, giving mayors the right to determine when the use is appropriate; meanwhile, in the U.S., Washington state’s governor vetoed a drone bill there, saying it doesn’t go far enough to protect privacy. This week’s Privacy Tracker legislative roundup offers information on Idaho’s new DNA privacy law, Utah’s new mobile device privacy law and clarification on TCPA issued by the Federal Communications Commission. Also learn about the one-million Euro fine Google will pay to Italian regulators and a suit in Canada seeking class-action status that claims the Communications Security Establishment Canada “has been violating the constitutional rights of millions of Canadians.”
While many organizations within Australia work to implement the newly enacted Australian Privacy Principles (APPs), organizations outside the country may wonder in what way the new law affects their business practices. In this Privacy Tracker post, IAPP Westin Fellow Dennis Holmes outlines aspects of the APPs that non-Australian businesses, particularly service providers, may want to pay attention to, including the privacy commissioner’s interpretation of “carrying on business” that “departs from the traditional notion of that standard in Australian law.” Holmes notes that the newness of the APPs makes it unclear how they will be applied, but “companies must understand whether they are subject to liability under the new rules and take meaningful steps toward full compliance if so.”
The expected uptick in public and private use of unmanned aerial systems (UAS) in the U.S. has brought on a requisite increase in legislation in this area—both passed and proposed. “In 2013, 13 states passed laws governing UAS operations, and three states—Idaho, Oregon and Texas—enacted laws that specifically address UAS use by private entities,” write Hogan Lovells’ Partner Harriet Pearson, CIPP/US, and Associate Jared Bomberg in this Privacy Tracker post, leaving UAS operators with “a patchwork of state laws impacting their operations.” The authors outline scenarios for the future of drone regulation in the U.S., taking into account current applicable privacy laws, Sen. Ed Markey’s (D-MA) proposal and the possibility for self-regulation.
Privacy laws are being considered in nations across the globe, and this week’s Privacy Tracker legislative roundup has updates on many of them. Brazil’s Chamber of Deputies has passed the Internet bill of rights—without its controversial local data storage provision; India has exempted government intelligence agencies from its draft law; Australia’s Senate is looking at a mandatory breach notification bill, and in Ireland, a bill intending to give adopted children identity rights is raising questions over parental privacy rights. In the U.S., Sen. Al Franken (D-MN) has proposed an updated version of his location privacy bill, and states continue to discuss issues surrounding student privacy and breach notification, among others.
French data protection authority the CNIL has received remote inspection abilities under a law passed last week, adding to the growth the agency has seen recently. In the U.S., the New Jersey Supreme Court has unanimously ruled that police wiretap warrants apply to phones in other states, and the Illinois Supreme Court has deemed its stringent eavesdropping law unconstitutional. In Hawaii and Kentucky, privacy bills have stalled out, and in Delaware, a lawmaker has proposed legislation that mimics California’s “eraser law.” Meanwhile, the Australian Privacy Principles continue to make headlines, and questions remain over the Philippines’ new cybercrime law. Read about these developments and more in this week’s Privacy Tracker roundup.
With the Australian Privacy Principles in effect, the data protection regulation vote in the European Parliament and the announcement of the announcement of the G29 and APEC announcing a joint agreement aiming to aid companies in achieving compliance with global data transfers, it’s been a busy couple of weeks. Privacy Tracker has the information you need on the latest action, plus updates to U.S. state and federal initiatives and some opinions on where privacy law is headed. Looking forward to March Madness? U.S. Rep. Jared Polis (D-CO) is hoping that Congress is, too, and that his latest plea will help get support for the E-mail Privacy Act.
On Wednesday, the new Australian Privacy Principles (APPs), amendments to the Privacy Act of 1988(Cth), went into effect. The new rules apply to both government agencies and businesses, replacing the Information Privacy Principles (IPPs) that governed public agencies and the National Privacy Principles (NPPs) that governed businesses. In case this overhaul caught you off guard, we have a brief overview of the APPs’ major provisions and exceptions to help you navigate this new privacy regime.