Portugal's National Data Protection Commission is seeking public comment on its proposed 2024-2026 activity plan. The CNPD plans to develop 20 strategic actions based on three strategic objectives focused on improving and assessing data protection standards in the country. The proposed objectives aim to "strengthen the effectiveness in fulfilling the CNPD's mission." The public consultation closes 15 July.Full story
France's data protection authority, the Commission nationale de l'informatique et des libertés, published best practices for sharing personal data through application program interfaces.
Massachusetts state lawmakers are debating whether to ban the sale and purchase of citizens' mobile location data, The Wall Street Journal reports. The Massachusetts Location Shield Act would also implement a search warrant requirement for police to access user location data and prevent them from purchasing such data from data brokers.Full story
Hong Kong's Office of the Privacy Commissioner for Personal Data issued guidance on data breach notification and reporting. The PCPD observed a 20% increase in breaches while comparing numbers from the first half of 2023 to the second half of 2022.
In an interview with Cyberscoop, Signal President Meredith Whittaker discussed how attempts to break or bypass encryption for the sake of online safety will sacrifice individual privacy. She alluded to the potential "total evisceration of the right to privacy" if government-approved scanning of personal communications under any proposed legal regime, specifically the proposed U.K. Online Safety Bill, comes into force.
The Information Accountability Foundation announced former U.K. Information Commissioner Elizabeth Denham as its new chief policy strategist. Denham succeeds Martin Abrams, who will remain with the IAF in an emeritus capacity. Denham said, "Information technology fed by data drives modern life. It is more important than ever for data to serve people, both as individuals and society.
The European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework, concluding it ensures U.S. protection of personal data transferred between the countries is comparable to that offered in the EU. But even as its finalization was announced Monday, the new framework, which enters into force 11 July, is poised to face a legal challenge. IAPP Staff Writer Jennifer Bryant has the details and early reactions.Full story
The European Commission formally released proposed procedural rules for EU General Data Protection Regulation enforcement in cross-border cases 7 July. The initiative will "harmonise some aspects of the administrative procedure the national data protection authorities apply," per the commission.
European Data Protection Supervisor Wojciech Wiewiórowski announced "organisational changes" to prepare for "evolving data protection challenges that lie ahead." The changes include appointing former Director of the Office of the EDPS Leonardo Cervera Navas as the regulator's first Secretary-General.
Businesses that implemented consumer "do not sell" solutions in accordance with U.S. laws may still be at risk if the third parties that receive the requests do not honor them, Tueoris Senior Privacy Consult Camille Ley and Privacy Consultant Lindsay Farbent, CIPP/US, write. Regulators could still look to hold businesses that fail to ensure third parties execute do not sell requests liable and "some level of diligence in this regard will be necessary," they said.Full story