Weekly Privacy News Update – Episode 49


13% boost for Irish DPC 2023 budget

Ireland’s Data Protection Commission (DPC) will get a boost of 13% for its 2023 budget, as announced by the Irish Government. The country’s data protection authority will receive more than EUR 26 million, which will be used to add two more commissioners and another EUR 3 million allocated for staffing. The Irish government states that it recognizes the DPC’s role in protecting privacy rights as the reason for the increase.

Source: Government of Ireland, IAPP

Michigan Personal Data Privacy Act introduced by lawmakers

Michigan Sen. Rosemary Bayer, D-Mich., and fellow Senate Democrats introduced a comprehensive data privacy bill, Senate Bill 1182, the Michigan Personal Data Privacy Act. The proposed legislation includes consumer opt-outs for data sales and targeted advertising, a data broker registry, a 30-day right to cure, and a private right of action with 30 days of notice. Covered by the bill are businesses that hold data of more than 100,000 consumers and those with 25,000 consumers while generating 50% gross revenue from data sales.

Source: LegiScan, IAPP

GBP 27 million possible fine for TikTok for UK data protection violations

A notice of intent was published by the UK Information Commissioner’s Office (ICO) to issue GBP 27 million fine to TikTok for data protection violations. The ICO apparently made an investigation that found the company processed data from children under the age of 13 without consent. They also processed special category data with no legal basis, and were inadequate in providing users with proper information that is easy to understand, concise, and transparent. The decision of the ICO is still provisional, and will consider hearing from TikTok before issuing a final decision.

Source: Information Commissioner’s Office, IAPP

Google to compensate Illinois residents for BIPA class-action lawsuit

Residents in Illinois will get $154 each as part of Google’s settlement of a class-action lawsuit for violating the state’s Biometric Information Privacy Act (BIPA). The case stemmed from collecting and storing biometric data of individuals residing in Illinois and appeared in a photo that was stored in a sharing and storage service, Google Photos, without appropriate notice and consent. The decision for the $100 million settle was pre-approved last spring and was finally approved by Cook County Judge Anna Loftus

Source: NBC ChicagoIAPP

Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources