A Little Privacy: week of July 26

–

USA

NEW FEDERAL PRIVACY LEGISLATION INTRODUCED

Federal legislation, the Setting an American Framework to Ensure Data Access, Transparency, and Accountability Act (SAFE DATA Act) was introduced. The Act would extend access, correction, deletion and portability rights to consumers, impose certain transparency and risk assessment obligations on businesses, and strengthen the FTC’s rulemaking authority.  

AD INDUSTRY GROUPS PEN LETTER TO CALIFORNIA ATTORNEY GENERAL RE: GPC

Several ad industry groups, including the IAB, AAAAs, the NAI, DAA and the ANA sent a letter to the California Attorney General urging him to withdraw the mandate under the CCPA regulations (recently emphasized by the Attorney General in an update to the FAQs) that companies must honor the Global Privacy Control. 

FEDERAL CHILDREN’S PRIVACY BILL INTRODUCED

U.S. representative Kathy Castor introduced the Kids Privacy Act, which would amend the Children’s Online Privacy Protection Act, borrowing elements from the UK’s Age-Appropriate Design Code, including a broader application to sites “likely to be accessed by children and teenagers.” 

Europe

CNIL ISSUES FINE AGAINST FRENCH PUBLISHER FOR AD COOKIE VIOLATION

France DPA, the CNIL, issued a 50,000 euro fine against the SOCIÉTÉ DU FIGARO, publisher of the website lefigaro.fr, for allowing advertising cookies to be placed on user devices without consent. The CNIL noted that “the fact that cookies come from partners does not release the site editor from its own responsibility insofar as it has control of its site and its users.” 

The Luxembourg DPA issued a 746 million Euro fine against Amazon, as reported by Bloomberg on Friday. According to a reaction by the complainant, La Quadruture du Net, the complaint centered around Amazon’s advertising targeting system being carried out without “free consent”. Amazon has reported that it will appeal the decision. 

INDUSTRY

ANDROID INTRODUCES NEW PRIVACY REQUIREMENTS FOR DEVELOPERS

Google announced that it will require developers to include privacy notices in a “safety section” to be displayed before Android users download Play Store apps, starting in Q1 2022. 

GLOBAL

NEW CHINESE PRIVACY LAW, PIPL, COULD BE ENACTED IN AUGUST

The Standing Committee of the National Peoples Congress in China decided that they would consider the Personal Information Protection Law (PIPL) in their next meeting August 17-20. If there are no objections, PIPL will be enacted following the meeting. The law requires consent to process personal data with some exceptions, but legitimate interest is not an exception.