Legislation

January 29, 2021

Police Say They Can Use Facial Recognition, Despite Bans

More than a dozen cities have passed facial recognition bans in the past couple of years, but police say there are loopholes.

A close-up of a laptop on a desk, showing a partially visible screen displaying a grid of photos. The keyboard is prominent in the foreground, with a reflective touchpad. The background is slightly blurred, featuring another device or monitor.

January 28, 2021

Germany Publishes New Draft Rules for Cookies and Similar Technologies

On January 12, 2021, the German Ministry for the Economy and Energy released a new draft Law on Data Protection and the Protection of Privacy in Telecommunications and Telemedia (TTDSG).

Two people stand on a sidewalk gazing up at a brown brick wall adorned with numerous surveillance cameras aligned in rows and columns. A tall, narrow window and a black door are between the rows. The cameras face different directions, creating a striking visual pattern.

January 27, 2021

EU Parliament Guidelines Call for Moratorium on Facial Recognition

In a report released January 20, 2021 the European Parliament proposed a moratorium on use of facial recognition technology in public and semi-public spaces

Aerial view of downtown Cincinnati, showcasing tall buildings, including Fifth Third Bank and US Bank towers. The streets below are busy with cars and buses. The urban setting is vibrant, with a mix of architectural styles and city infrastructure, captured in cool, muted tones.

January 25, 2021

New Proposed Rule Requires US Banks to Notify Regulators within 36 Hours

The Proposed Rule would require a “banking organization” to notify its primary regulator no later than 36 hours after reasonably determining that a qualifying incident has occurred

January 22, 2021

Portland Becomes First Jurisdiction to Ban Certain Uses of Facial Recognition by Private Businesses

In an effort to ameliorate the potential discriminatory impact of facial recognition technologies on people of color, women, and other groups, Portland, Ore., recently joined a growing number of jurisdictions limiting the use of facial recognition technology.

Three closed white binders are stacked horizontally against a plain white background. The binders are aligned neatly, with their spines facing right. Their pages are slightly visible and appear to be filled with documents.

January 22, 2021

New York State Lawmakers Reintroduce CCPA-Like Data Privacy Legislation

California Consumer Privacy Act-like regulations may be coming to a New York business near you. State lawmakers have reintroduced two key pieces of data.

Person facing laptop displaying code in green text against a dark background, overlaid with a digital padlock symbol. The padlock is green with a gray shackle, indicating a theme of cybersecurity or data protection. A partial map is visible beneath the code.

January 20, 2021

EDPB Publishes Guidelines on Examples regarding Data Breach Notification

European Data Protection Board released draft Guidelines on Examples regarding Data Breach Notification.

A child with short brown hair is sitting at a wooden table, facing a laptop screen. The screen displays a virtual classroom or online learning platform. The child rests their chin on their hands. A potted plant is in the background on the table.

January 17, 2021

Irish DPC publishes draft Fundamentals for a Child-Oriented Approach to Data Processing

On December 18, 2020, the Irish Data Protection Commission (DPC) published its draft Fundamentals for a Child-Oriented Approach to Data Processing.

A row of European Union flags, featuring yellow stars on a blue background, fluttering on flagpoles. They are set against a modern building facade with a grid of windows. The perspective captures the flags in diminishing order, creating a sense of depth and unity.

January 17, 2021

EDPB & EDPS adopt joint opinions on new sets of SCCs

The EDPB and EDPS have adopted joint opinions on two sets of contractual clauses (SCCs). One opinion on the SCCs for contracts between controllers and processors and one on the SCCs for the transfer of personal data to third countries.