Adoption of Privacy Shield expected in early July; Federal Court limits VPPA liability; Belgian Court overturns Facebook fine; FTC robocall crackdown; A rare HIPAA criminal conviction; UK’s ICO fines Brexit campaigners for mass text messages; House report calls for national encryption commission.
European Commission expects adoption of Privacy Shield for beginning of July
European officials are hoping to finally formalize the “EU-U.S. Privacy Shield”, the cross-Atlantic data transfer pact aiming at replacing the formerly invalidated “U.S.-EU Safe Harbor” Framework, on July 5. The initial draft agreement has been amended to include new explanations of U.S. governmental entities and further limitations on the bulk collection of data and mass surveillance. The European Commission is now confident that also the Article 31 Committee will give its approval to the draft framework.
Many European Privacy regulators and EU bodies, such as the European Parliament and the European Data Protection Supervisor, had argued that the initial draft did not sufficiently protect the fundamental rights of European data subjects. The revised version now “only” allows bulk collection “exceptionally”, where targeted collection is “not feasible”, although it remains open how ‘feasibility’ should be determined.