General Privacy & Data Security News & Developments

A new New York state law prohibits the use of biometric technology in New York state schools until the later of (i) July 1, 2022 or (ii) the Commissioner of Education completes a study and issues a report to facilitate the creation of a comprehensive statewide regulatory system governing the use of such technology. The

The Consumer Privacy Protection Act (CPPA) is coming! The Canadian government has submitted a bill for the amendment of the Personal Information Protection and Electronic Documents Act (PIPEDA) and the enactment of a new, modern privacy act.

Key provisions include:
Stronger enforcement:
  • Broad order-making powers to the Commissioner, including recommending the issuance of fines.
  • Administrative

“The LGPD replicates the GDPR’s extraterritorial scope and then takes it one giant step further. The LGPD, like the GDPR, applies to processing carried out in Brazil, as well as processing related to the offering or provision of goods or services to individuals in Brazil,” writes Caitlin Fennessy for IAPP, the International Association of Privacy

The U.S. Consumer Financial Protection Bureau (CFPB) is issuing an Advanced Notice of Proposed Rulemaking to solicit comments and information that will assist the development of proposed regulations under Section 1033 of the Dodd Frank Act dealing with consumer rights to access financial records.

Questions include:
  • What are the benefits to consumers from authorized data

U.S Rep. Bob Latta (R-Ohio), ranking member of the House Energy and Commerce Subcommittee on Communications and Technology. has re-introduced the “Safely Ensuring Lives Future Deployment and Research In Vehicle Evolution Act’’ or the ‘‘SELF DRIVE Act’’ to regulate autonomous vehicles.

The legislation includes:

  • Detailed cybersecurity plan requirements
  • Detailed privacy plan requirements
  • The

Time for a U.S. federal privacy law?

“U.S. Sen. Roger Wicker, R-Miss., chairman of the Committee on Commerce, Science, and Transportation, will convene a hearing titled, “Revisiting the Need for Federal Data Privacy Legislation,” at 10:00 a.m. on Wednesday, September 23, 2020.

The hearing will examine the current state of consumer data privacy and legislative

“If the cedar trees have caught on fire,” says an old Hebrew adage, “what shall the shrubs on the wall say?”

Denmark data protection authority Datatilsynet suffered a data breach when its own documents, which should have been shredded, were disposed of in the normal wastepaper bin. The agency notified itself of the breach per

A group of UK MPs wrote a letter to the UK Information Commissioner’s Office demanding stronger data protection enforcement.

“It is imperative that you take action to establish public confidence – a trusted system is critical to protecting public health. The ICO has powers to compel documents to understand data processing, contractual relations and the

In the wake of the UK A-Level algorithm fallout, the U.S. National Institute of Standards and Technology (NIST) has published a report, for public comment, on the Four Principles of Explainable Artificial Intelligence.

“AI is becoming involved in high-stakes decisions, and no one wants machines to make them without an understanding of why,” said NIST

Data Protection Authorities in the German states of Lower Saxony, North Rhine-Westphalia, Hesse, Hamburg and Brandenburg have launched a large scale inquiry against media websites to examine the use of tracking techniques and specifically whether the cookie banners they apply on their respective websites meet the requirements for a voluntary and informed consent of the