Weekly Privacy News Update – Episode 42


Facebook shut down in EU impeded, decision stalled

The stoppage of Facebook and Instagram has been prevented, as the Irish Data Protection Commission orders to stop Meta’s EU-US data transfers faced objections, and a final decision for the case has been stalled. Data protection authorities raised concerns amidst the four-week consultation mandate under Article 60 of the EU General Data Protection Regulation (GDPR). They will spend more months working out the discrepancies. If these discrepancies are not settled, it will trigger the Article 65 dispute resolution mechanism.

Source: Politico, IAPP

Google appeals to revoke class-action status for data collection case

Tech giant Google has requested a federal judge to turn down the class-action status to a group of Chrome users who accused the company of harvesting data despite using incognito mode. Google allegedly violated US and California privacy laws for failing to inform users accordingly about how their data is collected while incognito. The company has contested the case as some users may be confused as to how incognito collected their data. In contrast, a sizable number of users are mindful that the feature still gathers user data.

Source: MediaPost, IAPP, Washington Post

Clarifications pursued by EDPS for EU-Japan cross-border data flow agreement

A recommendation was issued by the European Data Protection Supervisor (EDPS) to the Council of the European Union to launch further negotiations with Japan for a cross-border data flow agreement. Japan already received an adequacy decision from the EU in 2019; regardless, the EDPS still seeks clarification regarding how negotiated rules should not hinder measures that require controllers or processors to store personal data in the EU or the European Economic Area.

Source: IAPP, EDPS

Children’s privacy bill closer to final passage in California

With 5-0 votes, the California Senate’s Committee on Appropriations will advance Assembly Bill 2273 (California Age-Appropriate Design Code Act) to the Senate floor. The bill is now qualified for final passage pending potential concurrence with the Assembly after completing the second reading and committee vote. The bill includes provisions akin to the UK Age Appropriate Design Code, such as children’s data protection and limiting online exposure to minors under 18 years old. The exclusive enforcement authority for the bill will be the California Privacy Protection Agency (CPPA).

Source: California Legislative Information, IAPP

Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources