Top 10 Privacy Moments of 2021: 6-4 
Top 10 Privacy Moments of 2021: 6-4 ...

Top 10 Privacy Moments of 2021: 6-4 

Countdown the 10 biggest privacy developments of the past 12 months.

clock4 Min Read

Featured Image

There have been plenty of developments in the privacy world to keep track of over the past 12 months. As the end of the year approaches we take a look back at some of the developments that had the biggest impact on the privacy landscape. In the first installment of this series, we took a look at developments in Brazil, the APAC region, the Middle East, and Quebec. In this installment, we will look into what has happened this year regarding cookies, the EU Whistleblowing Directive, and US state privacy laws.  

 

Download the report - Data privacy in 2021

Top 10 Privacy Moments of 2021: 6-4 

  1. Cookies

Cookies and similar technologies have again remained a hot topic this year despite a lack of movement with the draft ePrivacy Regulation.  

The CNIL has been enforcing the implementation of their guidelines and final recommendations on cookies and other trackers which entered into force in March. The CNIL’s final guidelines included key principles including the recommendation to integrate a ‘Refuse All’ option, instead of a preference management option on the same information layer as an ‘Accept All’ option.  

In December, the Federal Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (TTDSG) entered into force. The TTDSG consolidated the Telemedia Act 2007 and Telecommunications Act 1996 as well as implemented cookie consent requirements in accordance with Article 5(3) of the ePrivacy Directive in response to the CJEU’s ruling in the Planet49 case.  

In February, the Council of the European Union announced that it had agreed on a negotiating mandate. Negotiations will now commence with the European Parliament on the agreed text. Elsewhere in Europe, guidelines on the use of cookies were also issued in ItalyFinland, and Luxembourg.  

Further resources: 

  1. EU Whistleblowing Directive

The deadline for Member State implementation of the EU Whistleblower Directive passed on December 17, 2021. Member States had until this date to transpose the directive into national legislation. The Directive entered into force on December 16, 2019, giving Member States two years to transpose the Directive into national law. However, just a month before this deadline there were still jurisdictions in the region that hadn’t started the implementation process. The EU Whistleblowing Directive sets out a common minimum standard for the protection of whistleblowers across Europe and gives individuals working in private or public organizations the ability to report breaches of EU law in a workplace context without fear of retaliation.  

Further resources: 

  1. US State Laws

Throughout 2021 we have seen plenty of activity with respect to US State Privacy Laws. Across the US, many privacy bills were introduced to state legislatures, however, only a handful made it through into law. Notably, privacy bills in states such as Florida, Washington, and New York all died on the legislative calendar this year.  

There were some success stories to shout about, however – Back in March, the Virginia Consumer Data Protection Act (CDPA) was signed into law by the State Governor becoming the next state since California to introduce a comprehensive privacy law. The CDPA will introduce increased protection for consumer data and establishes a range of data subject rights, among other things. The CDPA will enter into effect on January 1, 2023.  

In July, Colorado followed suit and passed its own comprehensive privacy legislation, the Colorado Privacy Act (CPA). Like the CDPA, the CPA will introduce several new consumer rights and outlines a range of key definitions, including Controller and Processor. The CPA will enter into effect on July 1, 2023. 

 And, if you wanted another initialism to add to the list, the California Privacy Protection Agency (CPPA) held their inaugural board meeting this year and launched a public consultation on proposed rulemaking under the California Privacy Rights Act (CPRA). 

At a federal level, there have been many attempts to introduce privacy bills through 2021. One of these being the draft Control Our Data Act which, if passed, would set clear rules for protecting consumers’ data privacy on a national scale.   

Further resources:  

Follow OneTrust on LinkedInTwitter, or YouTube for the latest privacy developments.

Tags:

data privacy in 2021
global privacy
privacy

You Might Also Be Interested In


FEB 24, 2022
Privacy Management

Privacy 101: Steps to Establishing a Sustainable Privacy Program

FEB 17, 2022
Privacy Management

Privacy 101: The Basics of Building a Privacy Program (No Matter Your Size)

FEB 10, 2022
Privacy Management

Privacy 101: Where Do I Start?

JAN 20, 2022
Privacy Management

The Ultimate Incident Management Handbook

FEB 22, 2022
Data Governance

Privacy Automation: Bridging the Gap Between Compliance & Data Governance to Deliver Trusted Public Services

JAN 25, 2022
Data Transfers

Austria DSB Rules on Analytics Complaint: The Implications on Data Transfers

FEB 09, 2022
Privacy Management

Global Data Residency Requirements: What You Need to Know

FEB 08, 2022
Data Discovery

Go Beyond Workflow: Mature Your Privacy Program through Automation, Intelligence & Governance

BackToTop
Onetrust All Rights Reserved