Activity Tracker

under deliberation

EU Data Governance Act

Latest event Date: 2022-05-16 law passage

Council adopts Data Governance Act

On 16 May 2022, the Council passed the Data Governance Act. The Data Governance Act (DGA) aims to improve data sharing trust, establish new EU laws on data marketplace neutrality, and make it easier to reuse some public-sector data. In important fie…

Implementer

EU-27

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

adopted

CNIL Guidelines on "Cookie Walls"

Latest event Date: 2022-05-16 outline adoption

Adopted CNIL Cookie Walls Guidelines

On 16 May 2022, the French personal data protection authority /Commission nationale de l'informatique et des libertés (CNIL)), published guidelines on the legality of "cookie walls". Cookie walls refer to making access to a website's content conditi…

Implementer

France

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

adopted

Guidance on Recommended Model Contractual Clauses for Cross-Border Personal Data Transfers

Latest event Date: 2022-05-12 outline adoption

Issued PCPD Guidance on Recommended Model Contractual Clauses for Cross-Border Personal Data Transfers

On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued its Guidance on Recommended Model Contractual Clauses for Cross-border Transfer of Personal Data. The Guidance contains two sets of Recommended Model Contractual Clau…

Implementer

Hong Kong

Policy area Data governance

Policy or regulatory element Data transfer regulation

Economic activity cross-cutting

adopted

Connecticut: Data Privacy Bill

Latest event Date: 2022-05-10 law signing

Connecticut Privacy Bill (SB 6) signed

On 10 May 2022, the Bill for "An Act concerning personal data privacy and online monitoring" was signed by the Governor of Connecticut and will become effective on 1 July 2023. The comprehensive data protection bill will apply to persons that conduc…

Implementer

United States of America

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

processing consultation

SEC rules on enhancing and standardising cybersecurity risk management

Latest event Date: 2022-05-09 order consultation closed

Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

On 9 May 2022, the Securities and Exchange Commission (SEC) has closed the consultation on its proposed rules on enhancing and standardising cybersecurity risk management. The proposed rules would apply to companies subject to SEC reporting requirem…

Implementer

United States of America

Policy area Data governance

Policy or regulatory element Cybersecurity regulation

Economic activity cross-cutting

in force

New York: Bill on Notification of Electronic Monitoring

Latest event Date: 2022-05-07 law implementation

Implemented New York Bill on Notification of electronic monitoring

On 5 May 2022, Senate Bill S2628 is put into force. The Bill obliges employers to inform all employees about the way they are electronically monitored. This notification must be done before they are hired and after that once every year. The Bill con…

Implementer

United States of America

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity other service provider

under deliberation

Data transfer requirements in EU Data Act

Latest event Date: 2022-05-04 law opinion

Issued EDPB-EDPS Joint Opinion on Data Act including data transfer requirement

On 4 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a set of Joint Opinions on the EU Commission's Proposal for a Data Act. The EDPB and EDPS find that additional measures are necessary …

Implementer

EU-27

Policy area Data governance

Policy or regulatory element Data transfer regulation

Economic activity cross-cutting

under deliberation

Data protection measures in EU Data Act

Latest event Date: 2022-05-04 law opinion

Issued EDPB-EDPS Joint Opinion on Data Act including data protection measures

Implementer

EU-27

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

in force

Data Protection Authority investigation into IP anonymisation as safeguard for and "risk based approach" to data transfers

Latest event Date: 2022-05-02 investigation ruling

Ruling refuting IP anonymisation as safeguard for and "risk based approach" to data transfers

On 2 May 2022, the Austrian Data Protection Authority issued a ruling refuting IP anonymisation as safeguard for data transfers from the EU to the United States. The authority rejected arguments by Google that websites using its tools, such as Googl…

Implementer

Austria

Policy area Data governance

Policy or regulatory element Data transfer regulation

Economic activity platform provider

processing consultation

EDPB Guidelines on dark patterns in social media platform interfaces

Latest event Date: 2022-05-02 outline consultation closed

Closed consultation on EDPB Guidelines on dark patterns in social media platform interfaces

On 2 May 2022, the European Data Protection Board closed the consultation on its previously published "Guidelines 3/2022 on dark patterns in social media platform interfaces: how to recognize and avoid them". Specifically, "dark patterns" are user i…

Implementer

EU-27

Policy area Data governance

Policy or regulatory element Data protection regulation

Economic activity cross-cutting

Activity Tracker

The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.

1168 events advancing 642 policy or regulatory changes:

Graph

Table

Refine your search

EU Data Governance Act

Council adopts Data Governance Act

CNIL Guidelines on "Cookie Walls"

Adopted CNIL Cookie Walls Guidelines

Guidance on Recommended Model Contractual Clauses for Cross-Border Personal Data Transfers

Issued PCPD Guidance on Recommended Model Contractual Clauses for Cross-Border Personal Data Transfers

Connecticut: Data Privacy Bill

Connecticut Privacy Bill (SB 6) signed

SEC rules on enhancing and standardising cybersecurity risk management

Consultation closed on SEC rules on enhancing and standardising cybersecurity risk management

New York: Bill on Notification of Electronic Monitoring

Implemented New York Bill on Notification of electronic monitoring

Data transfer requirements in EU Data Act

Issued EDPB-EDPS Joint Opinion on Data Act including data transfer requirement

Data protection measures in EU Data Act

Issued EDPB-EDPS Joint Opinion on Data Act including data protection measures

Data Protection Authority investigation into IP anonymisation as safeguard for and "risk based approach" to data transfers

Ruling refuting IP anonymisation as safeguard for and "risk based approach" to data transfers

EDPB Guidelines on dark patterns in social media platform interfaces

Closed consultation on EDPB Guidelines on dark patterns in social media platform interfaces