In August, the Insights Association tussled with more state and federal privacy legislation, laws and regulation; considered the implications of COVID-19-related mandates for employers; analyzed pending changes to the pharmaceutical industry’s restrictions on interactions with doctors; and opposed a potential federal tax on companies operating online. We’re also nearing the finish line in our campaign to fix the California law requiring a minimum wage for research subjects.

This month, the Insights Association is dealing with new state privacy and data security laws, funding for the census, how insights offices can approach reopening as the pandemic ends, and a variety of other policy concerns, while helping to advance a fix to California A.B. 2257 through the state legislature.

According to a report from the Irish Data Protection Commissioner, “data controllers” should “regularly audit their holdings of personal data and the procedures they have in place to protect this data.”

The European Data Protection Supervisor (EDPS) released a report on the European Union's data protection strategy for the next four years, regarding the General Data Protection Regulation (GDPR) and other issues.

Not five years ago, the European Court of Justice struck down the Safe Harbor, the primary legal vehicle for transatlantic data transfers. Now, the court appears to have done the same to its replacement, the U.S.-EU Privacy Shield.

According to a report from Ireland’s Data Protection Commis

Privacy debate too often focuses on the risks from data rather than the risks to trade that arise from the restrictions on cross-border data flows, between and within multinational organizations and companies, and between individuals and companies all around the world, according to an FTC Commissioner who spoke at a recent conference in Washington, DC.

The European Commission recently delivered a passing grade for the U.S.-EU Privacy Shield, the agreement allowing for trans-Atlantic data transfer, in their second annual review, despite urging from the European Parliament this past summer to abrogate the deal.

Even during the partial government shutdown, the U.S. Commerce Department continues to administer certification for an essential trans-atlantic data transfer program.

An ITIF privacy debate considers what U.S. privacy law should look like and how to respond to California and Europe