Privacy Law Update: September 20, 2021
The US House Energy and Commerce Committee passed a proposal to increase funding to the Federal Trade Commission to support a new privacy and data security division, Reuters reports. The proposal, part of a proposed $3.5 trillion spending measure, would give the FTC $1 billion over 10 years to create its new unit. The next step for the proposal is a House floor vote.
The Wall Street Journal reports discussions regarding a potential EU-US Privacy Shield replacement have ramped up. People familiar with negotiations said EU and US officials have made progress on their data transfer dilemma ahead of an upcoming meeting between the two sides at the end of September. A key talking point is providing Europeans a way to challenge potential US government surveillance their data may be subject to.
Ireland is failing to apply the EU’s privacy laws to US tech giants, with 98% of 164 significant complaints about privacy abuses still unresolved by its regulator, according to a civil rights group. Google, Facebook, Apple, Microsoft and Twitter all have their European headquarters in Dublin, making Ireland’s Data Protection Commission (DPC) the lead EU regulator responsible for holding them to the law. But the Irish DPC has been repeatedly criticised, both by privacy campaigners and by other EU regulators, for failing to take action.
In July, the office of the attorney general of California marked the one-year anniversary of its enforcement of the California Consumer Privacy Act by issuing a press release to tout its “successful enforcement efforts.” Also well-publicized, in the same announcement, the office unveiled a new Consumer Privacy Tool to enable consumers to directly notify eligible businesses of perceived “Do Not Sell My Personal Information” link deficiencies. Although the press release teased four examples of notices to cure CCPA violations the office issued to unnamed companies, they also quietly published 27 enforcement overviews to highlight the curative actions taken in response to such letters.
According to Axios, US President Joe Biden will nominate Georgetown University Founding Director of the Center on Privacy & Technology Alvaro Bedoya to fill the final commissioner vacancy at the Federal Trade Commission. Bedoya, rumored as a candidate for the FTC post in recent months, has a wealth of experience in the privacy field, including work as a staffer on the Senate Judiciary Committee’s Subcommittee on Privacy, Technology and the Law.
There have been many headlines today about the UK Government’s plans to reform UK data protection law. We are still reviewing the (near 150-page) consultation document, but set out below a dozen proposals that we thought might pique the interest of readers of our blog.