The U.S. Department of Justice and the Office of the U.S. National Intelligence Director announced the completion of commitments under President Joe Biden's executive order concerning the EU-U.S. Data Privacy Framework.
The Sacramento County Superior Court ruled California Privacy Rights Act regulations can't be enforced this month as originally slated by the statute. A complaint filed by the California Chamber of Commerce paved the way for enforcement of the regulations to be delayed to 29 March 2024, giving covered entities a defined transition window to comprehend and comply with the rules.
The new Spanish Presidency of the Council of the European Union outlined priority topics for its negotiations on the proposed Artificial Intelligence Act, Euractiv reports. As it works toward a political agreement among member states, the Spanish presidency plans to address the proposal's definition of AI, high-risk classification, list of high-risk use cases and fundamental rights impact assessments.
Argentina's data protection authority, the Agency of Access to Public Information, submitted a draft Personal Data Protection Bill to the Honorable Chamber of Deputies of the Nation. The proposed draft amends Personal Data Protection Act 25.326.
Hong Kong's Innovation, Technology and Industry Bureau signed a memorandum of understanding with the Cyberspace Administration of China to improve cross-border data flows in the Guangdong-Hong Kong-Macao Greater Bay Area, news.gov.hk reports.
The Hindustan Times reports India's government may add "penal provisions" for violating agreements with the Data Protection Board under the proposed Digital Personal Data Protection Bill. "The voluntary undertaking may include an undertaking to take specified action (such as reporting a data breach) within a specified time, an undertaking to refrain from taking specified action, and an undertaking to publicizing the voluntary undertaking, the new draft states," an official said.
U.S. District Court Judge Matthew Kennelly in Illinois vacated USD228 million in damages awarded in the first-ever Biometrics Information Privacy Act case, Reuters reports. Rail workers alleged that BNSF Railway collected their biometric information without informed consent. The judge upheld the verdict that the company violated the BIPA but said damages were discretionary under the law and ordered a new trial so a jury could determine the appropriate fine.
IAPP Managing Director, Washington, D.C., Cobun Zweifel-Keegan, CIPP/US, CIPM, offers his take on the latest privacy developments in the nation's capital and around the U.S., including an homage to the 50th birthday of the Fair Information Practice Principles and how they have stood the test of time and technological advancement.Full story
A view from Brussels: EU Data Act, EU-US Data Privacy Framework and more
Different interpretations across jurisdictions make the definition of "anonymization" difficult to nail down. That is the case with matching anonymization standards to EU General Data Protection Regulation requirements. Immuta Senior Privacy Counsel Sophie Stalla-Bourdillon and Chief Legal Officer Andrew Burt provide an overview of the confusion around the EU standard and how it is progressively evolving.Full story