General Privacy & Data Security News & Developments

U.S Rep. Bob Latta (R-Ohio), ranking member of the House Energy and Commerce Subcommittee on Communications and Technology. has re-introduced the “Safely Ensuring Lives Future Deployment and Research In Vehicle Evolution Act’’ or the ‘‘SELF DRIVE Act’’ to regulate autonomous vehicles.

The legislation includes:

  • Detailed cybersecurity plan requirements
  • Detailed privacy plan requirements
  • The

Time for a U.S. federal privacy law?

“U.S. Sen. Roger Wicker, R-Miss., chairman of the Committee on Commerce, Science, and Transportation, will convene a hearing titled, “Revisiting the Need for Federal Data Privacy Legislation,” at 10:00 a.m. on Wednesday, September 23, 2020.

The hearing will examine the current state of consumer data privacy and legislative

“If the cedar trees have caught on fire,” says an old Hebrew adage, “what shall the shrubs on the wall say?”

Denmark data protection authority Datatilsynet suffered a data breach when its own documents, which should have been shredded, were disposed of in the normal wastepaper bin. The agency notified itself of the breach per

A group of UK MPs wrote a letter to the UK Information Commissioner’s Office demanding stronger data protection enforcement.

“It is imperative that you take action to establish public confidence – a trusted system is critical to protecting public health. The ICO has powers to compel documents to understand data processing, contractual relations and the

In the wake of the UK A-Level algorithm fallout, the U.S. National Institute of Standards and Technology (NIST) has published a report, for public comment, on the Four Principles of Explainable Artificial Intelligence.

“AI is becoming involved in high-stakes decisions, and no one wants machines to make them without an understanding of why,” said NIST

Data Protection Authorities in the German states of Lower Saxony, North Rhine-Westphalia, Hesse, Hamburg and Brandenburg have launched a large scale inquiry against media websites to examine the use of tracking techniques and specifically whether the cookie banners they apply on their respective websites meet the requirements for a voluntary and informed consent of the

Peter Swire and Kenneth Propp suggest a viable post-Schrems II alternative to address U.S. judicial redress deficiencies in the Lawfare Blog.

“Any future attempt by the United States to successfully address this perceived deficiency in judicial redress … must have two dimensions: a credible fact-finding inquiry into classified surveillance activities in order to ensure protection

Constantine Karbaliotis and Abigail Dubiniecki write on the topic of what Canadian companies should do after Schrems II:

  • If you are processing data as controller, or as a processor for a client with European Union personal data, and relying on onward transfers, first do a risk assessment; and then assuming the risks are addressable, put

EUobserver prints an op-ed on SchremsII:

“With this decision, Europe is sliding toward a system of data localisation in which European data must stay in Europe. Big companies can likely bear the cost of creating redundant data systems in Europe, and for cloud computing providers that already have data centres in Europe…this decision could bring

Massachusetts Attorney General Maura Healey announced the creation of the Data Privacy and Security Division within her office to protect consumers from the surge of threats to the privacy and security of their data in an ever-changing digital economy.

AG Healey has also named Sara Cable as Chief of the new Data Privacy and Security