Data Protection News Update 31 July

United States

“Pass it, Pass it, Pass it” Biden urges lawmakers

  • US President Joe Biden persists in urging lawmakers to pass law protecting children’s online privacy and safety, referencing Thursday’s hearing of the Senate Committee on the Kids Online Safety Act and Children and Teens’ Online Privacy Protection Act.
  • The president exclaims he has been urging the legislation for the past two years.

US Securities and Exchange Commission to update rules on reporting of cybersecurity incidents

  • The US SEC has announced it will adopt new rules regulating how public companies must report cybersecurity incidents. 
  • The Commission states that companies and investors alike will benefit if disclosures of incidents are made in a more consistent, comparable and decision-useful way. 
  • The rules include the requirement for foreign private issuers to make comparable disclosures. 

Senators pitch new regulator for Big Tech

  • Lindsey Graham, R-S.C., and Elizabeth Warren, D-Mass., both US Senators, have pitched the Digital Consumer Protection Commission to regulate Big Tech platforms. 
  • This proposed agency would aim for giant tech firms in a bid to bring down anti-competitive behaviours and poor consumer privacy protection practices.
  • The objective of the agency would be to empower consumers against Big Tech. 


France’s Competition Authority takes aim at Apple’s App Tracking Transparency framework

  • The L’Autorité de la Concurrence is looking into allegations that Apple’s ATT framework boosts its market dominance by means of ‘discriminatory, non-objective and non-transparent conditions’ for the exploitation of user data with advertising intentions.

The EDPB has published an information note on data transfers

  • The EDPB has published an information note on data transfers from the EU to the USA.
  • This comes following adoption of the European Commission’s adequacy decision relating to the Data Privacy Framework.

NYOB challenges Ryanair 

  • NYOB has submitted a complaint to Spain’s Data Protection Authority alleging Irish airline Ryanair infringed the EU GDPR with its use of facial recognition technology.
  • The privacy rights group founded by Max Schrems claims Ryanair’s biometric verification process in flight bookings lacks a legal basis for processing. 


Sri Lanka’s Data Protection Authority is online

  • Sri Lanka’s Data Protection Authority was proposed in November 2022 and now the government is to follow through with finalizing the independent authority this year.

Meta faces $20M fine for misleading data use in Australia

  • Meta allegedly anonymized and aggregated data, including users’ internet and app activity, for the purposes of market research.
  • The case had been brought forward by the Australian Competition and Consumer Commission.

Email addresses of New Zealand firearms license holders have been leaked 

  • The information was mistakenly leaked by the newly established New Zealand Firearms Safety Authority. 
  • The email addresses linked to 147 firearm license holders in Auckland.  
  • The leak was caused when the agency sent an email with the recipients’ addresses copied into the carbon copy field instead of the blind carbon copy field, revealing the license holders to each other. 

United Kingdom

ICO issues warning to banks on data sharing practices

  • The UK ICO has circulated a warning to members of the banking and financial services association ‘U.K. Finance’ over their unlawful financial data sharing.
  • This follows allegations that NatWest shared the account details of a former politician with the media.


More Posts

Send Us A Message