- The comprehensive privacy bill covers all entities controlling or processing personal data on 100,000 customers or deriving 50% of revenue from selling the data of more than 25,000 customers.
- The bill contains unique definitions for biometric and personal data, required data protection assessments and a 30 day right to cure.
- Meta has now launched new parental control tools on all its social media apps.
- One such feature allows parents to see how their teen “uses Messenger” with regards to time usage and includes updates with new contacts.
- Another feature allows parents to block any unwanted direct messages.
- There are no features allowing parents to read the content of the messages.
Proposed amendment allowing for matters before the Ireland Data Protection Commission to be labelled confidential
- The Irish government is discussing amending a bill that will allow all matters coming before the DPC to be labelled as confidential.
- Rasha Abdul-Rahim of Amnesty International describes this as a “blatant attempt” by the government to “shield BigTech scrutiny” and “silence” those that stand up for the right to privacy and data protection.
- The Council of Europe has released its model contractual clauses agreed upon by members of the Convention 108.
- The initial models have “the potential to bride similar transfer tools… and to contribute to the convergence towards appropriate data protection standards globally.”
- Ireland’s DPC has extended Meta’s interim stay on the order for the tech giant to suspend its EU-US data transfers.
- The stay will remain in place until the end of July.
- Political agreement has been reached between the European Council and Parliament on the European Data Act.
- This forms part of the European Strategy for Data, which includes the Data Governance Act (to apply from 24th September 2023).
- The EU Data Act will come into force twenty days after publication, which translates into roughly mid-2025.
- The Bill will appear on the 17th of July monsoon session agenda.
- Under this revamped legislation, the maximum penalty for data breaches will become IN45 billion, equivalent to just over 47 million pounds.
- In previous iterations the penalty was just 2-4% of a firm’s global turnover.
- Brazil’s Data Protection Authority has published guidance on data processing activities related to research.
- The guidelines seek to clarify doubts about “the legal hypotheses that authorize the processing of personal data” in research activities.
- The guidelines also outline the “need for the processing agent to follow ethical standards” as well as the principle of good faith.
- The UK shows the most growth in use of the technology by private businesses.
- UK businesses use facial recognition technology to combat minor crimes and create watchlists unbeknownst to the individuals being watched.
- The updates to the toolkit include an eight-step cybersecurity risk management framework.
- They also include a refined toolkit concept to cover practices across sectors and all-sized entities, and an introductory risk management and assessment methodology.