Op-ed on what we know of the EDPB opinion on Pay or OK April 17, 2024, 5:15 p.m. (Brussels) Today, the EDPB plenary had a moment. It discussed an opinion on the Pay or OK models for social media. It was not its role, but it was likely trapped to do, as Art. 64(2) GDPR didn’t consider that national data protection authorities would sometimes use tactics similar to privacy activists to weaponize fundamental rights in a fight that has very little to do with privacy at its core. The discussion is much more about the Internet we want (or not). “In most cases, it will not be possible for large onlin ..read more

On March 22, the Western District of Washington granted a motion to remand cases removed from state court in In re Fred Hutchinson Data Security Litigation, 2:23-cv-01893-JHC, 2024 WL 1240681 (W.D. Wash. March 22, 2024). In doing so, it highlighted for litigators and companies alike a lesson in the importance of understanding how courts determine citizenship when determining diversity jurisdiction under the Class Action Fairness Act (“CAFA”). In re Fred Hutchinson results from a November 2023 data breach at Fred Hutchinson Cancer Center (“Fred Hutch”) in Seattle. Plaintiffs allege that due to ..read more

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information. Singapore Progresses Towards Amended Cybersecurity Law | Privacy World Heavyweight Fight, Did the US or EU KO the AI Treaty? | Privacy World Are you Ready for Washington and Nevada’s Consumer Health Data Laws? | Privacy World April’s APRA: Could Draft Privacy Legislation Blossom into Law in 2024? | Privacy World The Italian DPA Has Its Eyes on Biometric IDs – Another Fight on ..read more

In a Nutshell On 17 April 2024, the Cybersecurity Agency of Singapore (Agency) issued a response to public feedback received on a draft amendment to its cybersecurity law. This draft amendment of the Cybersecurity Bill (Bill) was published as part of a public consultation exercise from 15 December 2023 to 15 January 2024. Our earlier post about this consultation can be accessed here. What Was the Industry Feedback Received on the Bill? The Agency received and considered a total of 55 different submissions comprised of comments and feedback on the Bill from critical information infrastructure ..read more

1. Introduction The Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law has been concluded by the Council of Europe (CoE) Committee on Artificial Intelligence on March 24, 2024, finally landing a decisive blow with a provisional agreement on the text of a treaty on artificial intelligence and human rights (Treaty). This Treaty is the first of its kind and aims to stablish basic rules to govern AI that safeguard human rights, democratic values and the rule of law among nations. As a CoE treaty, it is open for ratification by countries worldwide. It is wo ..read more

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information. April’s APRA: Could Draft Privacy Legislation Blossom into Law in 2024? | Privacy World Singapore Issues Privacy Guidelines for Children’s Online Safety | Privacy World China Finalizes New Regulations to Relax Personal Data Exports from China | Privacy World Squire Patton Boggs Lawyers to Present on Several Upcoming Webinars and Events | Privacy World ..read more

This week, House Committee on Energy and Commerce Chair Cathy McMorris Rodgers (R-WA) and Senate Committee on Commerce, Science and Transportation Chair Maria Cantwell (D-WA) unveiled their bipartisan, bicameral discussion draft of the American Privacy Rights Act (APRA draft).[1] Chair Rodgers’ and Chair Cantwell’s announcement of the APRA draft surprised many congressional observers after comprehensive privacy legislation stalled in 2022. In an interview, Chair Rodgers stressed, “This is a discussion draft that Sen. Cantwell and I hammered out, but we’re still open to constructive feedback ..read more

On 2 April 2024, the Italian Data Protection Authority (Garante) announced that on 21 March 2024, it issued a warning to Worldcoin Foundation regarding its intention to collect biometric data (via iris scanning) for digital identification, claiming that such data processing would violate the Regulation (EU) 2016/679 (GDPR). Worldcoin Foundation supports the Worldcoin project, launched in 2019 by Sam Altman, the CEO of OpenAI LLC (OpenAI). The project is based on iris scanning to verify the identity of users and on linking such processing to the “financial instrument” market, specifically the c ..read more

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information. Singapore Issues Privacy Guidelines for Children’s Online Safety | Privacy World China Finalizes New Regulations to Relax Personal Data Exports from China | Privacy World Squire Patton Boggs Lawyers to Present on Several Upcoming Webinars and Events | Privacy World Updates to Mass Arbitration Rules: Scope and Anticipated Impact | Privacy World Never Beyond the Law – the Spanis ..read more

On 28 March 2024, Singapore’s Personal Data Protection Commission (Commission) published a set of advisory guidelines on the applicability of the Personal Data Protection Act (PDPA) on children’s personal data in the digital environment (Guidelines)[1]. What is the Ambit of the Guidelines? The Guidelines are intended to clarify how Singapore’s comprehensive data protection legislation, the PDPA, including its provisions and obligations imposed on relevant organisations, apply to children’s personal data in the digital environment. More specifically, they apply to organisations whose online pro ..read more