SPOKES Privacy Technology Conference Fall 2021

Register Now

Privacy Law Update: November 15, 2021

Nov 15, 2021 | Privacy Law Update

WireWheel Privacy Law Update blog post cover image with an icon of capital building.

Written by Rick Buck, Chief Privacy Officer, WireWheel

Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!

Newsworthy Updates

UK Supreme Court Overturns Court of Appeal to Disallow Google Data Privacy Class Action

On November 10, 2021, the UK Supreme Court issued a unanimous Judgment in Lloyd v Google LLC [2021] UKSC 50, overturning a ruling of the Court of Appeal and disallowing a data privacy class action.  The Judgment denied Mr. Lloyd the ability to pursue a collective claim for compensation on behalf of around four million iPhone users in England and Wales whose internet activity data were allegedly collected by Google in late 2011 and early 2012 for commercial purposes without the users’ knowledge or consent, and in alleged breach of section 4(4) of the Data Protection Act 1998 (“the 1998 Act”). The 1998 Act has since been replaced by the UK GDPR and the Data Protection Act 2018 (“the 2018 Act”). The claim was backed by substantial litigation funding. 

IAPP ANZ Summit Online: A chat with NZ Privacy Commissioner John Edwards

On his third day as New Zealand’s Privacy Commissioner in 2014, John Edwards was asked during a committee hearing about his approach to the role. “I said I want to make privacy easy,” Edwards said. “I want to make privacy easy for agencies to implement, I want to make it easy for consumers to access privacy-friendly options, and I want to make it easy for people to have access to remedies when things are wrong. That became my mantra and I think it fits.”

Update On The Belgian Data Protection Authority’s Investigation Of IAB Europe

IAB Europe is informed by the Belgian data protection authority (the APD) that its Litigation Chamber is close to finalizing a draft ruling that will conclude its investigation of IAB Europe and its role in the Transparency & Consent Framework (TCF). The draft ruling is expected to be shared with other Data Protection Authorities (DPAs) in the coming 2-3 weeks under the Cooperation Procedure laid down in the GDPR.  Those DPAs will have 30 days to review it.  Depending on the outcome of that review, the APD may adopt a final ruling or the matter may be referred to the European Data Protection Board for a binding decision. 

IAPP publishes updated ‘Privacy and Data Protection in Academia’ report

Today, demand for qualified privacy professionals is surging. Soon, societal, business and government needs for practitioners with expertise in the legal, technical and business underpinnings of data protection could far outstrip supply. To fill this gap, universities around the world are adding privacy curricula in their law, business and computer science schools. The IAPP’s Westin Research Center has catalogued these programs with the aim of promoting, catalyzing and supporting academia’s growing efforts to build an on-ramp to the privacy profession. 

Facebook plans to remove thousands of sensitive ad-targeting options

Facebook Inc (FB.O) said on Tuesday it plans to remove detailed ad-targeting options that refer to “sensitive” topics, such as ads based on interactions with content around race, health, religious practices, political beliefs or sexual orientation. The company, which recently changed its name to Meta and which makes the vast majority of its revenue through digital advertising, has been under intense scrutiny over its ad-targeting abilities and rules in recent years

Privacy Legislation

Singapore: Data privacy update

This data privacy update addresses the amendments to the Personal Data Protection Act, the changes to the Spam Control Act, the publication of the Cyber Security Agency of Singapore (CSA)’s report on the Singapore Cyber Landscape in 2020, and the proposed new licensing framework for cybersecurity service providers.

Future proof your privacy program with WireWheel’s Trust Access and Consent Center to manage DSARs and consent and WireWheel’s Privacy Operations Manager for managing assessments.

Request a demo to learn more.

Suggested Blog Posts