SPOKES Privacy Technology Conference Fall 2021

Watch Now

Privacy Law Update: December 20, 2021

Dec 20, 2021 | Privacy Law Update

WireWheel Privacy Law Update blog post cover image with an icon of capital building.

Written by Rick Buck, Chief Privacy Officer, WireWheel

Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!

Newsworthy Updates

Digital Markets Act: Parliament ready to start negotiations with Council

Parliament gave its green light to begin negotiations with member states on rules setting out what big online platforms will be allowed to do and not do in the EU.  The Digital Markets Act (DMA) proposal blacklists certain practices used by large platforms acting as “gatekeepers” and enables the Commission to carry out market investigations and sanction non-compliant behaviours.  The text approved by Parliament with 642 votes in favour, 8 against and 46 abstentions sets new obligations and prohibitions directly applicable to such platforms, with a view to ensuring fair and open markets.

CPPA releases public comments for CPRA regulations

The California Privacy Protection Agency published the public comments from its stakeholder consultation on California Privacy Rights Act regulations. The comment periods were conducted Sep. 22 to Nov. 8 and broken up into four sections. The CPPA intends to have additional informational hearings to gather more feedback toward its rulemaking process. Formal rulemaking activities will begin at the conclusion of the agency’s fact gathering, which has no set timetable.

Mozilla rolls out GPC for all Firefox users, but enforcement limited to two states

Mozilla has expanded its implementation of Global Privacy Control (GPC) to all users after rolling it out on a limited basis in October.  The feature — which tells websites not to sell or share your personal data — was only available in Firefox Nightly, their pre-release channel. GPC will be available for all Firefox users to turn on if they wish to. Unfortunately for most US users, this feature may not have much effect. The GPC is required under the California Consumer Protection Act (CCPA) and Europe’s Global Data Protection Regulation (GDPR), as well as Colorado’s privacy law, but no other states have laws that will enforce it.

FTC takes steps toward privacy, AI rulemaking

As the debate rages on regarding whether the U.S. Federal Trade Commission should or could begin rulemaking on privacy, the commission has signaled it is not willing to wait for a consensus. On Dec. 10, the FTC filed an Advanced Notice of Proposed Rulemaking with the Office of Management and Budget that initiates consideration of a rulemaking process on privacy and artificial intelligence.

Why Ohio’s data privacy bill is on hold for now

State lawmakers are considering a bill that’s meant to protect data of Ohioans. The legislation spells out who can access data and how they can do it. But the bill has been put on hold right now.

The way the third-party cookie crumbles: Part 1 – EU and UK developments

Third-party cookies have long been “the glue that holds together the independent ad tech world.” Far surpassing their original purpose of giving “memory” to websites, these cookies are heavily relied upon by marketers to analyze and track online users. Indeed, cookie-based targeted advertisements are the reason why websites can sustain their “free” business models. But what’s good for industry has not been good for user privacy—and the tide is starting to turn.

Future proof your privacy program with WireWheel’s Trust Access and Consent Center to manage DSARs and consent and WireWheel’s Privacy Operations Manager for managing assessments.

Request a demo to learn more.

Suggested Blog Posts