Hello Friends,
The most talked-about privacy regulation, the China Personal Information Protection Law kicked in yesterday on November 1st. Just over two months since its adoption, the law became effective with companies still trying to figure out how to best comply with the requirements of the law and regulators working 24/7 to best answer their questions.
This news and more, in this fortnights' Data Privacy Insights- curated privacy news from across the globe.
Enjoy reading!
China's Personal Information Protection Law Takes Effect
China’s new Personal Information Protection Law took effect yesterday on 1st November 2021. The China PIPL outlines the ground rules around data collection, use, and storage, as well as data processing requirements for based out of China including what they must do when they transfer data out of the country.
UIDAI Seeks Exemption from India Personal Data Protection Bill
The Unique Identification Authority of India (UIDAI) has sought exemption from the India Personal Data Protection (PDP) Law. In an interaction with the Joint Parliamentary Committee on Data Protection Bill 2019, UIDAI functionaries said the authority is already being governed by the Aadhaar Act and there cannot be duplicity of laws.
Google To Allow Removal of Minors' Photos from Search
Google announced it will let minors request to remove images from the company’s search feature. Anyone under the age of 18, or their guardians, can request the images on search results be removed by filling out a form to report the image
Apple’s App Privacy Report Launches a Beta Version
Apple has now launched a beta version of its “App Privacy Report,” a new feature that aims to provide iOS users with details about how often their everyday apps are requesting access to sensitive information, and where that information is being shared. The feature was first introduced at Apple’s Worldwide Developer Conference in June, amid other privacy-focused improvements, including tools to block tracking pixels in emails, a private VPN, and more.
AEPD Offers In-Depth Look at Differential Privacy
Spain's data protection authority, the Agencia Española de Protección de Datos, wrote a blog post detailing the proper deployment and benefits of differential privacy models. The AEPD broke down how to achieve differential privacy through privacy engineering, noting the "great advantage" to using it is "the loss of privacy, as well as the precision of the analysis, can be objectively quantified, as well as the accumulated privacy risk as a consequence of successive queries made on the same data set.
DPAs Publish Joint Statement on Global Privacy Expectations Of Video Teleconferencing Companies
The U.K. Information Commissioner's Office offered an update on its global coordination with six data protection authorities to convey privacy expectations for video conferencing platforms. In July 2020, the ICO joined regulators from Australia, Canada, China, Gibraltar, Hong Kong, and Switzerland in an open letter to Microsoft, Google, Cisco, and Zoom regarding preferred privacy practices and standards.
Kenya Law Penalizes Lenders That Share Personal Data
Kenya's banking regulator can now revoke permits of digital lenders that share personal data of customers with third parties, TechCrunch reports. A new clause added to a law passed by the National Assembly requires digital lenders to be licensed by the Central Bank of Kenya, rather than simply register, to combat rogue lenders. The clause also gives the bank the ability to suspend lender licenses when they breach the Data Protection Act or Consumer Protection Act.
OAIC Releases 2020-21 Annual Report
The Office of the Australian Information Commissioner released its 2020-21 annual report, highlighting its focus over the past year on meeting privacy needs amid the COVID-19 pandemic. In 2020-21, the OAIC received 2,474 privacy complaints and 975 breach notifications.