• Privacy Law Update

Privacy Law Update: November 22, 2021


Rick Buck Chief Privacy Officer

Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!

Newsworthy Updates

Dispatch From Brussels: Some Clarification For EU Data Transfers On The Horizon

One of the major topics at the IAPP Data Protection Congress 2021 in Brussels, Belgium, involves questions around transfers of personal data from the European Union. Though many questions remain beyond this event, some clarifications are on the way. European Commission Head of International Data Flows and Protection Bruno Gencarelli offered a start during a conversation with Goodwin Partner Lore Leitner.

The Future Of Data Protection In the EU’s Digital Market Strategy

After years of preparing for and implementing the EU General Data Protection Regulation, policymakers in the region are far from finished with the broader regulation of the digital realm. Earlier this year, the European Commission announced its ambitious digital strategy and, over the course of 2021, it released a host of draft legislation to undergird what it calls the coming “digital decade.” The intent of the strategy is to cultivate a healthy digital marketplace in the EU for personal and non-personal data alike.

Are Profiling and Automated Decision Making the Same Thing?

No.  Modern state privacy statutes in the United States (set to go into effect in 2023) and European privacy regulations adopt a similar definition of “profiling,” which occurs when three elements are met:

  1. An activity must involve “an automated form of processing
  2. An activity must be “carried out on personal data;
  3. The objective of the activity must be “to evaluate personal aspects about a natural person.

Privacy Legislation

Lawmakers Reintroduce Online Privacy Act

U.S. Reps. Anna Eshoo, D-Calif., and Zoe Lofgren, D-Calif., proposed the Online Privacy Act, a bill previously raised by the two lawmakers in 2019. The bill includes prior provisions for data subject rights and the creation of the Digital Privacy Agency to handle privacy rights violations enforcement. Additionally, the bill adds provisions for an Office of Civil Rights within the new enforcement agency while allowing state privacy regulators to share enforcement powers alongside the agency and state attorneys general.

Future proof your privacy program with WireWheel’s Trust Access and Consent Center and WireWheel’s Privacy Operations Manager.

Request Demo
Rick Buck is the WireWheel Chief Privacy Officer and acts as a Privacy Advisor to WireWheel clients, helping them with the implementation and optimization of their privacy programs. Over the past 20 years, Rick has…