The European Data Protection Board published the agenda for its Nov. 14 plenary session, including discussion of draft recommendations for controller binding corporate rules. The EDPB will also discuss a cookie banner task force and implications of a ruling by the Court of Justice of the European Union on personal data activities under the Passenger Name Record Directive. Full Story
Argentina's data protection authority, the Agency of Access to Public Information, announced finalization of its proposed reforms to Law No. 25,326 on the Protection of Personal Data. Following an extended public consultation featuring 173 submissions, the AAPI took up 80 articles in its final proposal and modified 43 based on public comments. The reform package was presented to Argentina's government for review before introduction to the National Congress of Argentina.
The U.K. and U.S. governments jointly announced initial winners in the U.S.-U.K. prize challenges on privacy-enhancing technologies. Twelve of 76 entries moved out of Phase I of the contest with their "state-of-the-art approaches to privacy-preserving federated learning." The remaining entrants will take part in Phase II of the competition, which tasks entrants with building their proposed technologies with government and regulator engagement.
France’s data protection authority, the Commission nationale de l'informatique et des libertés, warned visitors to the upcoming World Cup in Qatar to use a "burner phone," Politico reports. Qatar developed two mobile tracking applications — a COVID-19 tracking app and the official mobile app of the World Cup — both of which researchers said contain spyware. A CNIL spokesperson recommended travelers use "a blank smartphone ...
The implementation of China’s digital yuan, or e-CNY, “opens up new forms of government surveillance and social control,” Wired reports. U.K. Government Communications Headquarters Director Jeremy Fleming said e-CNY could be used to evade sanctions and monitor citizens by controlling how they make payments.
TechCrunch reports members of Twitter's privacy and security teams resigned from the company. Twitter Chief Information Security Officer Lea Kissner, Chief Privacy Officer Damien Kieran and Chief Compliance Officer Marianne Fogarty reportedly tendered their resignations Nov. 9 via company's internal messaging platform. Kissner also announced their departure via Twitter post Nov. 10. A U.S.
European Parliament approved the NIS2 Directive, a modernized framework based on the EU Network and Information Security Directive, on a 577-6 vote. Parliament said the directive brings new provisions and increased obligations concerning "incident response, supply chain security, encryption and vulnerability disclosure" for private and many public entities. "Ransomware and other cyber threats have preyed on Europe for far too long.
The Colorado Attorney General's Office released public comments received from stakeholders on proposed draft Colorado Privacy Act rules. A total of 61 comments were published, received from March through Nov. 8. The proposed CPA draft rules were published Oct. 10 and a hearing is scheduled for Feb. 1, 2023. Three virtual stakeholder sessions are also scheduled for Nov. 10, 15 and 17.
Euractiv reports on how European Parliament may look to reshape the proposed Data Act once the proposal is moved out of the Council of the European Union. Members of European Parliament raised more than 1,000 amendments to the original draft legislation in September alongside the Parliament rapporteur's official draft review. Potential changes concern public access to private data, Internet of Things considerations, and data governance and interoperability.