A European Commission proposal to ease some reporting requirements under the General Data Protection Regulation (GDPR) won backing from the EU's top privacy bodies Wednesday. They cautioned, however, that the amended rules must not result in reduced protection for individuals.
The Health Insurance Portability and Accountability Act (HIPAA) hasn’t kept pace with privacy risks associated with wearable devices, Senate Health Committee Chairman Bill Cassidy, R-La., said during a hearing Wednesday. Sen. John Hickenlooper, D-Colo., also addressed the issue, noting state laws like the Colorado Privacy Act impose security requirements on companies selling wearables.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
The U.S. Supreme Court’s decision upholding Texas’ porn site age-verification law bodes well for dozens of similar state laws, but it might not apply meaningfully to app store age-verification laws, policy experts said during a livestream Tuesday.
Not only has General Motors (GM) and subsidiary OnStar unlawfully collected, processed and sold Nebraskans' sensitive data since 2015, but many residents unknowingly opted in to these data practices, Attorney General Mike Hilgers (R) alleged in a lawsuit against the companies Tuesday. The AG said GM and OnStar violated the Nebraska Consumer Protection Act and Uniform Deceptive Trade Practices Act.
In the first major enforcement under the Connecticut Data Privacy Act (CTDPA), the state's Attorney General William Tong (D) reached an $85,000 settlement with online marketplace TicketNetwork concerning privacy violations, Tong's office said Tuesday.
The Asia-Pacific (APAC) region appears to be taking a different approach to AI regulation and governance than the EU and U.S., privacy professionals told Privacy Daily.
Recent enforcement against Honda and Healthline in California and FTC action against data brokers show that companies must understand data flow and consent, an executive with the Interactive Advertising Bureau (IAB) said in an interview Monday.
DOJ’s data transfer rule goes into full force Tuesday, but many companies are still seeking clarity from the department about compliance, privacy attorneys told us in interviews this week (see 2504140047).
A California privacy enforcer’s first use of a purpose-limitation requirement under the California Consumer Privacy Act (CCPA) makes this week’s record $1.55 million settlement with Healthline a significant enforcement action for companies in many sectors, privacy experts told Privacy Daily this week. Also significant was the highly technical, in-depth investigation that the office of Attorney General Rob Bonta (D) conducted, they said. Signs point to increased privacy enforcement ahead.