The Council of the European Union pushes on with Data Act
The Czech Presidency of the Council of the European Union made changes to the proposed Data Act before the scheduled discussion on Nov. 8. The modifications include an alignment of language regarding international data transfers to what is in the Data Governance Act. Changes to provisions for enforcement and interoperability are also part of the modifications. The Data Act will regulate how data can be accessed, shared, and transferred.
SolarWinds to pay $26 million settlement tentatively for data breach
SolarWinds will tentatively pay the $26 million settlement in filing with the US Securities and Exchange Commission (SEC). The settlement is for the shareholder lawsuit on the company’s cybersecurity disclosures before the data breach. The software company did not admit the violation, which requires approval by a judge. SolarWinds also received a Wells notice from the SEC, maintaining that the company violated US securities law.
TikTok’s privacy policy revamp in Europe discloses data access
TikTok amended its European privacy policy and disclosed the details of the company’s access to user data. The revised privacy notice is applied to users in the European Economic Area, the UK, and Switzerland. The updated privacy policy reveals that China is one of the several countries where employees can access user data for critical functions. According to Elaine Fox, TikTok’s Privacy Head in Europe, company employees in other countries can access data to manage a consistent, enjoyable, and safe user experience. TikTok is under GDPR investigation for the platform’s data exports to China, headed by Ireland’s Data Protection Commission (DPC).
Source: TechCrunch, IAPP
CPPA launches a 15-day comment period for CPRA draft regulations
A 15-day comment period was announced by the California Privacy Protection Agency (CPPA) for the California Privacy Rights Act (CPRA) draft regulations. It will run until Nov. 21. The public consultation was launched following the approval of the modified draft regulations by the CPPA Board. The final regulations are aimed to be in place before the end of 2022.
