Weekly Privacy News Update – Episode 09

Updates from the California Privacy Protection Agency

Created thru the California Privacy Rights Act (CPRA), the California Privacy Protection Agency is emerging. Last Oct. 4, the agency hired its Executive Director, Ashkan Soltani; it will also soon add a general counsel and deputy director of administration to its workforce. The California Privacy Protection Agency also works on its lawmaking duties by engaging in preliminary legislation tasks. It examines possible new regulations or amendments that are applicable to the CPRA. July 1, 2022, is the statutory deadline for the final CPRA regulations is crucial for the agency because of the range and intricacy of the areas to be regulated and its minimal resources.

Source: IAPP

EU Data Governance Act moves forward

The European Commission moves forward with the EU Data Governance Act (DGA) since it has reached a conditional agreement with the European Parliament and the Council of the European Union. The DGA is labeled “a first building block for establishing a solid and fair data-driven economy.” by European Commission Executive Vice President Margrethe Vestager.

Source: IAPP, European Commission, Financial Times

Former ICO Commissioner expresses deep concern with U.K. data reforms

Former U.K. Information Commissioner Elizabeth Denham expressed her concerns with the path of the planned data reforms. Denham said she is “deeply concerned about any changes to the data protection regime that would remove the centrality of fairness in how people’s data is used.” Stipulating the proposals on artificial intelligence. She also points out that reforms are “well-timed” but emphasizes that any regulatory reform “must keep people, and people’s trust, at its center.”

Source: IAPP, ICO

Personal Data Protection Law approved in UAE

United Arab Emirates President Sheikh Khalifa bin Zayed Al Nahyan certifies the passing of the Personal Data Protection Law and extensive reforms in the country’s legal system. The law includes data subject rights, controls, and obligations for data processing activities, and strong provisions on user consent. Another law was passed for the creation of the UAE Data Office. Providing enforcement and guidance of the PDPL are part of the task of the office.

Source: IAPP, Gulf News

More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author