Here are key highlights from March 2022 detailing global news and regulatory updates.
US & Canada
Canadian Bar Association identifies ways to improve the next federal privacy bill
US, EU, agree ‘in principle’ to new trans-Atlantic data agreement, details still unknown
US state of Utah enacts comprehensive consumer privacy legislation, taking effect Dec. 31, 2023
US Senators propose commission to study modernizing HIPAA: more details
US President Biden signs law on reporting critical infrastructure cyberattacks, with relevant entities to report attacks within 72 hours
US lawsuit gives peek into shadowy world of data brokers and shows need for data privacy law
EMEA
African data protection authorities sign MOU to advance enforcement and harmonization of data protection laws
EU, US, agree ‘in principle’ to new trans-Atlantic data agreement, details still unknown (as noted above under US & Canada)
EU Parliament, Council reach deal on Digital Markets Act to regulate large tech platforms
EU proposal for the European Health Data Space Regulation revealed, addressing both primary and secondary health data use
EU’s EDPB releases guidelines on “dark patterns”, practices that manipulate online user decisions about personal data
EU cybersecurity agency ENISA calls for research on pseudonymization to bolster data protection in the healthcare sector
Saudi Arabia’s data and AI authority postpones data protection law implementation until Mar. 2023
UAE law in Dubai International Financial Centre enacted, including amendments to Data Protection Law of 2020
UK‘s post-Brexit international data transfer agreement enters into force, broadly mirroring GDPR rules
UK Information Commissioner’s Office (ICO) requests feedback on latest chapter of its guidance on anonymization, pseudonymization and privacy enhancing technologies
APAC
China’s Personal Information Protection Law: An in-depth look at the rules on international data transfers
Singapore’s Personal Data Protection Commission publishes guide on anonymization
Sri Lankan parliament passes data protection act after a series of amendments
LATAM
No updates reported this month