Privacy in 2021: Developments You Should Watch Out For
Related Articles in
1. Significant changes to privacy legislation in Canada.
Canadian federal and provincial governments have tabled and proposed sweeping changes to privacy laws in Canada. For example:
2. The United States is getting into the Privacy Law game in a serious way
The impact of privacy law developments in the United States on Canadian business cannot be understated. So many of our clients, customers, and service providers are based in or have ties to the U.S.
California has pushed the agenda with the emergence of consumer privacy protection and rights laws through ballot initiatives. The California Consumer Privacy Act and the California Privacy Rights Act (CPPA and CRPA) have implemented a number of privacy “firsts” in the U.S., including a privacy focused regulator with full power to implement and enforce the privacy laws. In addition to narrow requirements regarding individual rights over consumer data and prohibitions on “selling” (defined broadly) that information without opt-in express consent, these laws provide for individual rights of access and correction, as well as to restrict usage. Special provisions are placed on geolocation information and sensitive information. Employee personal data will not be covered until 2023 and there will be expanded breach liability with a private right of action.
We anticipate other states will follow suit with similar legislative initiatives, and Congress may attempt to address an unwieldy patchwork of state legislation by bringing in federal privacy legislation.
3. Continued development and enforcement of GDPR
GDPR continues to reveal its implications as the European Data Protection Board provides guidance on various issues and implementation of the regulation, and the European Court of Justice interprets and applies the law.
Significant issues to be sorted out this year include:
The remaining EU will likely see more effective and coordinated enforcement of GDPR under the European Data Protection Board, as well as valuable guidance outlining policies on AI, biometrics, profiling, cloud services and blockchain, with a focus on data security (i.e. privacy by design and default, accountability).
We anticipate there will be greater enforcement regarding cross-border transfers of personal data.
4. Operating system privacy “enhancements”
Whether the motivations are privacy as a principle, consumer confidence, regulatory compliance or otherwise, we already see greater movement by the developers of operating systems, particularly Apple iOS (and some Android variants), to highlight privacy features, such as greater transparency and control over use and sharing of personal information. For practical reasons, such as the desire to make applications available on these operating systems, developers will want to address these features and requirements.
We expect that consumers will see more privacy options, opt-ins/outs and “nutrition” labels about how apps use and share data in 2021.
Link to article
Related Articles in
- Buchalter TCPA Digest: More ATDS Cases Slip Past Pleading Stage, Plaintiffs Keep Trying to Leverage Facebook’s FN7, and Florida Enacts Not-so-“Mini” TCPA
- Charities and Data Protection: Brexit, The New EU SCCs and Guidance, What Do We Do Now?
- AML/CFT Supervisors Release Updated Guideline for the Amended Identity Verification Code of Practice 2013
WSG Member: Please login to add your comment.