Welcome to “Last Week in Privacy!” Each week, OneTrust’s in-house privacy experts will give you the top international privacy industry highlights from last week.
Here’s a quick recap of last week’s top privacy industry headlines:
- Over 100 senior officials from the U.S. Government, the European Commission and EU Data Protection Authorities met in Brussels to conduct the second annual review of the EU-U.S. Privacy Shield framework, and the fate of the of the framework is still unclear. According to a joint statement from European Commissioner Vera Jourova and U.S. Secretary of Commerce Wilbur Ross, the European Commission plans to publish a report of its findings on the functioning of the Privacy Shield before the end of this year, and the Court of Justice of the EU is expected to hold hearings over complaints about the Privacy Shield in the first half of 2019.
- Apple, Google, Facebook and Microsoft all publicly endorsed a comprehensive federal privacy law in the United States at the recent International Conference of Data Protection and Privacy Commissioners in Brussels. According to Apple CEO Tim Cook, the issue turns on a simple question, as he asked an audience full of the world’s privacy regulators, “What kind of world do we want to live in?” and said that his company was in full support of a GDPR-esque law in the U.S. The endorsements of four of the world’s top tech companies is a big step, and one that we will continue to monitor closely.
- UK Digital Minister Margot James stated that talks between the UK and the European Commission about post-Brexit data sharing have not started. According to James, the European Commission “has not indicated that it is yet ready to start such discussions.” The UK is set to formally leave the EU on March 29th, 2019, and reports indicate that an adequacy decision on the UK’s data protection regime is unlikely to be made before that time.
- In an open letter to EU Ministers, a coalition of energy companies warned that the current draft of the proposed ePrivacy Regulation would “make data processing for innovative energy services practically impossible” due to its lacking of additional legal bases similar to those under the GDPR, such as where processing is necessary to perform a contract with the individual, or where processing is necessary for the purposes of legitimate interests. According to the coalition, “certain exemptions are needed for third parties to fulfill their contractual obligations to their customers.” The coalition also raised concerns about the current draft’s rules around consent, in particular that consent can be withdrawn by individuals without any advance notice.
- The Office of the Australian Information Commissioner has reported a 18 percent increase in the number of privacy related inquiries and complaints they have received this year. According to the OAIC, this growth is a result of a continuing year-over-year trend of increasing public awareness about privacy issues and individual rights over personal information, as well as the introduction of Australia’s new Notifiable Data Breach Scheme and Europe’s GDPR.
- Google has announced new features within its search tool that will allow users to easily review and delete their search activity log, learn what data Google collects about them, and more easily find relevant privacy controls without having to navigate to a separate screen. The new feature, which Google is calling “Your Data” is also expected to be spread to Google’s other products as well in an effort to increase transparency and control for their users.
That’s all for this week, be sure to join us next week for Last Week in Privacy.