• Privacy Law Update

Privacy Law Update: August 3, 2021

read

Rick Buck Chief Privacy Officer

Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!


Newsworthy Updates

The Uniform Personal Data Protection Act Is Here

In July 2021, the Uniform Law Commission (“ULC”) voted to approve the Uniform Personal Data Protection Act (“UPDPA”). The UPDPA is a model data privacy bill designed to provide a template for states to introduce to their own legislatures, and ultimately, adopt as binding law.  The UPDPA would govern how business entities collect, control, and process the personal and sensitive personal data of individuals. This model bill has been in the works since 2019 and includes the input of advisors, observers, the Future of Privacy Forum, and other stakeholders. This is significant because the ULC has set forth other model laws, such as the Uniform Commercial Code, which have largely been adopted across the states.

Data Privacy Is Marketing’s Biggest Challenge: Here’s Why That’s a Good Thing

Personal data collection is so deeply tied to the consumer’s digital experience that we can hardly imagine one without the other. But this is changing. Apple recently updated how the company handles consumer data, giving each user greater control over who tracks their data, how it can be shared and where that information is used. Similarly, consumer data privacy legislation is changing across the world.

Federal privacy law important to long-term future of data flows

One year ago the Court of Justice of the European Union invalidated the EU-U.S. Privacy Shield, sending U.S. and European businesses that depend on data flows scrambling for alternatives. As negotiators work to find a solution that will protect international data transfers, some say part of the solution lies within a federal privacy law.

Pending Privacy Legislation

  • Wicker, Blackburn Introduce Federal Data Privacy Legislation:  Setting an American Framework to Ensure Data Access, Transparency, and Accountability (SAFE DATA) Act The SAFE DATA Act would:
    • Provide Americans with more choice and control over their data by:
      • Requiring businesses to allow consumers to access, correct, delete, and port their data;
      • Prohibiting businesses from processing or transferring consumers’ sensitive data without their consent;
      • Prohibiting businesses from denying consumers products or services for exercising their privacy rights;
      • Minimizing the amount of consumer data businesses can collect, process, and retain;
      • Limiting secondary uses of consumer data without their consent;
      • Establishing uniform data protections across the country enforced by the Federal Trade Commission (FTC) and state attorneys general;
    • Direct businesses to be more transparent and accountable for their data practices by:
      • Requiring businesses to disclose a privacy policy to consumers detailing their data collection, processing, and transfer activities, and notify consumers of any material changes to those activities;
      • Requiring businesses to conduct privacy impact assessments of data processing activities that may present a heightened risk of harm to consumers;
      • Requiring businesses to secure consumers’ data and maintain internal controls and reporting structures to assess data privacy risks to consumers; and
      • Prohibiting businesses from processing data in ways that violate federal Civil Rights laws.
    • Strengthen the FTC’s ability to respond to potentially harmful changes in technology and hold businesses accountable for misusing consumers’ data by:
      • Authorizing the FTC to develop new rules to expand categories of sensitive data;
      • Requiring the FTC to share any information with the appropriate Executive or State agency if it obtains information that a business has processed or transferred consumer data in a way that violates Federal anti-discrimination laws;
      • Requiring the FTC to maintain a data broker registry; and
      • Expanding the FTC’s authority to oversee the data use practices of common carriers and nonprofit organizations.
    • Click here to read the bill.
  • IAPP Privacy Law Tracker

Future proof your privacy program with WireWheel’s Trust Access and Consent Center and WireWheel’s Privacy Operations Manager.

Request Demo
Rick Buck is the WireWheel Chief Privacy Officer and acts as a Privacy Advisor to WireWheel clients, helping them with the implementation and optimization of their privacy programs. Over the past 20 years, Rick has…