News stories posted during October 2011

International E-news - October 2011

Please login or register to see this full article.

06/10/2011 by:

Swedish DPA warns about DP risks involved in cloud services Colombia’s data protection law approved by the Constitutional Court Canadian bill introduces mandatory data breach notification 1. Swedish DPA warns about DP risks involved in cloud...

Comments: 0

International E-news - September 2011

Please login or register to see this full article.

26/09/2011 by:

DP regime proposed in Singapore: Bill expected in early 2012 Article 29 Working Party sceptical over advertising industry’s Self-Regulatory Code Costa Rica adopts a DP law PL&B publishes comprehensive table of privacy laws in 76 jurisdictions...

Comments: 0

International E-news - August 2011

Please login or register to see this full article.

16/08/2011 by:

Hungary adopts new data protection law Important amendments to Russia’s DP law Consultation on data breach notification EU writes to countries that fail to implement e-Privacy 1. Hungary adopts new data protection law Hungary’s legislature adopted...

Comments: 0

International E-news - July 2011

Please login or register to see this full article.

14/07/2011 by:

Nordic DPAs question Facebook on privacy Mexico consults on regulations Netherlands’ cookie clause stricter than EU Directive requires Peru adopts data protection law Sweden: Cookie clause in force 1 July Hungary submits new Data Protection Bill a...

Comments: 0

International E-news - June 2011

Please login or register to see this full article.

14/06/2011 by:

Qatar consults international privacy experts on innovative privacy law Peru: Congress approves DP Bill US aims for federal data breach law Ireland sees 350% increase in data breach notifications 1. Qatar consults international privacy experts on...

Comments: 0

International E-news - May 2011

Please login or register to see this full article.

16/05/2011 by:

Obama administration proposes US federal data breach law EU consults on cloud computing Disney subsidiary to pay $3 million COPPA fine in the USA Canadian bill fails, Commissioner calls for substantial fines 1. Obama administration proposes US...

Comments: 0

International E-news - April 2011

Please login or register to see this full article.

11/04/2011 by:

CNIL’s new enforcement and audit strategy announced at PL&B’s Privacy Officers Network Roundtable with the CNIL in Paris EU Article 29 Data Protection Working Party finds New Zealand adequate New agreement on RFID use DP Authorities call for...

Comments: 0

International E-news - March 2011

Please login or register to see this full article.

23/03/2011 by:

France:  CNIL fines Google a record 100,000 euros for Streetview, Latitude EU Justice Commissioner outlines DP reforms US FTC gives evidence on Do-Not-Track 1. France:  CNIL fines Google a record 100,000 euros for Streetview, Latitude On 17 March...

Comments: 0

International E-news - February 2011

Please login or register to see this full article.

01/02/2011 by:

New infringements and fines adopted under Spain’s Data Protection Law Portugal’s Data Protection Authority implements an electronic notification system Portugal’s Data Protection Authority states its position on the Agreement for the sharing of...

Comments: 0

International E-news - January 2011

Please login or register to see this full article.

20/01/2011 by:

Online Behavioural Advertising: Compliance seal to be introduced France: Companies to be  publicly named and shamed Binding Global Codes suggested as a solution to data transfers outside the European Economic Area Spain: Google to go to court over...

Comments: 0

International E-news - December 2010

Please login or register to see this full article.

22/12/2010 by:

US Department of Commerce proposes Canada adopts law on online data protection German DPAs set minimum requirements for DPOs More detail needed for EU Data Protection Directive revision US FTC: Self-regulation has failed to provide meaningful...

Comments: 0

International E-news - November 2010

Please login or register to see this full article.

03/11/2010 by:

Privacy Commissioners adopt Privacy by Design resolution Commissioners accept FTC and Mexico as new members EU publishes its plans for revision of the Data Protection Directive 1. Privacy Commissioners adopt Privacy by Design resolution The...

Comments: 0

International E-news - October 2010

Please login or register to see this full article.

21/10/2010 by:

EU approves Israel's Adequacy Status Google Wi-Fi: Spain takes Google to court, Canada asks for improvements by February 2011 EDPS comments on EU law enforcement DP review Uruguay adequate, says EU Art. 29 DP Working Party   1. EU approves Israel'...

Comments: 0

International E-news - September 2010

Please login or register to see this full article.

03/09/2010 by:

Germany’s Federal Government approves new Bill on employee data Enforcement network strengthened by new DPA members US Federal Trade Commission joins the Asia Pacific Privacy Authorities Forum EU Art. 29 DP Working Party adopts opinions on RFID, a...

Comments: 0

International E-news - August 2010

Please login or register to see this full article.

20/08/2010 by:

Changes to Spanish Decree Revision of the European Union’s Data Protection Directive on track Hong Kong Commissioner may investigate telecoms companies 1. Changes to Spanish Decree Spain’s Supreme Court decided in July to void three articles in th...

Comments: 0

International E-news - July 2010

Please login or register to see this full article.

26/07/2010 by:

Asia-Pacific Enforcement network launched 1. Asia-Pacific Enforcement network launched Following several DP Commissioners’ move to start a Global Privacy Enforcement Network, some Asia-Pacific countries have now, on 16 July, launched a Cross-Borde...

Comments: 0

International E-news - June 2010

Please login or register to see this full article.

14/06/2010 by:

Germany prepares amendment to DP Act on employee data Taiwan passes amendments to DP Act Swiss-US pact to disclose personal banking details rejected by Swiss parliament EU Data Protection Working Party requires opt-in for cookies Switzerland agree...

Comments: 0

International E-news - May 2010

Please login or register to see this full article.

21/05/2010 by:

Exports from Germany of personal data under the United States Safe Harbor now face obstacles from the regulators DPAs suspect that Google’s wireless data collection and retention practices in breach of DP law Facebook replies to critics 1. Exports...

Comments: 0

International E-news - April 2010

Please login or register to see this full article.

12/04/2010 by:

Liechtenstein Court sets multi-million precedent for data breach liability HSBC Swiss data breach Landmark Israeli Supreme Court Case: Online anonymity is a constitutional right New Zealand’s Law Commission wants new privacy laws Privacy...

Comments: 0

International E-news - March 2010

Please login or register to see this full article.

01/03/2010 by:

EU Article 29 DP Working Party publishes opinion on processor and controller 1. EU Article 29 DP Working Party publishes opinion on processor and controller The European Union’s Art. 29 Data Protection Working Party, (the group of national Data...

Comments: 0

International E-news - February 2010

Please login or register to see this full article.

02/02/2010 by:

European Union set to revise the DP Directive New EU controller-processor contractual clauses 1. European Union set to revise the DP Directive Incoming EU Justice Commissioner Viviane Reding has announced plans to modernise the EU Data Protection ...

Comments: 0

International E-news - January 2010

Please login or register to see this full article.

14/01/2010 by:

Israel and Andorra receive positive assessment on adequacy from EU Art. 29 DP Working Party China: data protection construed as tort 1. Israel and Andorra receive positive assessment on adequacy from EU Art. 29 DP Working Party The European Union’...

Comments: 0

PL&B International E-news, Issue 93

Please login or register to see this full article.

24/11/2009 by:

EU and US to sign secret SWIFT agreement before 1 December 1. EU and US to sign secret SWIFT agreement before 1 December The EU and the US are racing to sign an agreement for the US to see EU banking details before the Lisbon Treaty gives the...

Comments: 0

PL&B International E-news, Issue 92

Please login or register to see this full article.

06/11/2009 by:

eBay’s BCR application approved 1. eBay’s BCR application approved 14 EU Data Protection Authorities have approved eBay’s Binding Corporate Rules application. The BCR’s, which apply both to customer and employee data, were formally approved by the...

Comments: 0

PL&B International E-news, Issue 91

Please login or register to see this full article.

30/10/2009 by:

Deutsche Bahn fined 1.1 million Euros for employee monitorin 1. Deutsche Bahn fined 1.1 million Euros for employee monitoring On 19 October the Berlin data protection commissioner, Otto Dix, imposed a fine of 1.1 million Euros on Deutsche Bahn, th...

Comments: 0

PL&B International E-news, Issue 90

Please login or register to see this full article.

22/10/2009 by:

Financial police help Italy’s DPA to use its strong enforcement powers EU lobbyists must be named South African data protection bill introduced Hong Kong consults on a review of the Personal Data (Privacy) Ordinance New Zealand publishes guidance ...

Comments: 0

PL&B International E-news, Issue 89

Please login or register to see this full article.

24/09/2009 by:

UK ICO approves Hyatt Hotels’ Binding Corporate Rules application EU Data Protection Supervisor’s annual report addresses privacy issues relevant to all sectors 1. UK ICO approves Hyatt Hotels’ Binding Corporate Rules application The UK Informatio...

Comments: 0

PL&B International E-news, Issue 88

Please login or register to see this full article.

15/09/2009 by:

FTC takes enforcement action on Safe Harbor breach Germany publishes draft Employee Data Protection Act France proposes data breach notification Netherlands, Spain now have tighter TPS rules Denmark issues guidance on whistleblowing lines Swiss...

Comments: 0

PL&B International E-news, Issue 87

Please login or register to see this full article.

17/07/2009 by:

Germany amends data protection law French “three strikes” law unconstitutional Swedish privacy party elects Member of European Parliament 1. Germany amends data protection law On 10th July, the second chamber of Germany’s legislature passed...

Comments: 0

PL&B International E-news, Issue 86

Please login or register to see this full article.

05/06/2009 by:

Morocco adopts data protection law US Safe Harbor reinforced President Obama announces Cybersecurity Co-ordinator office, to include privacy officer Guatemala enacts FOIA Chile enacts FOIA 1. Morocco adopts data protection law Morocco adopted a da...

Comments: 0

PL&B International E-news, Issue 85

Please login or register to see this full article.

29/05/2009 by:

India: new law on liability for personal data breaches Three more EU Member States Join BCR Mutual Recognition Club EU acts against Sweden on data retention 1. India: new law on liability for personal data breaches In February India adopted a new...

Comments: 0

PL&B International E-news, Issue 84

Please login or register to see this full article.

11/05/2009 by:

European Parliament adopts legislative resolution on data breach amendments to the European Union’s E-Privacy Directive for all sectors and all types of data 1. European Parliament adopts legislative resolution on data breach amendments to the...

Comments: 0

PL&B International E-news, Issue 83

Please login or register to see this full article.

01/05/2009 by:

UK’s Information Commissioner approves Atmel’s and Accenture’s Binding Corporate Rules in successive weeks EU starts legal action against UK over Phorm EU close to data breach notification law France: close to adopting law to cut off Internet for...

Comments: 0

PL&B International E-news, Issue 82

Please login or register to see this full article.

18/03/2009 by:

Yahoo fined by Belgian court for refusing to disclose personal data EU Art. 29 DP WP publishes decision on data controller to data processor standard contractual clauses for international transfers European Court of Justice orders disclosure of...

Comments: 0

PL&B International E-news, Issue 81

Please login or register to see this full article.

19/02/2009 by:

Swiss Court rules for DP Commissioner with restraining order against Dun & Bradstreet Swiss/US Bilateral Safe Harbor agreement now in force EU Art. 29 DP Working Party adopts strong Opinion on broadening the scope of EU data breach proposals EU Ar...

Comments: 0

PL&B International E-news, Issue 80

Please login or register to see this full article.

11/02/2009 by:

Google executives face criminal charges in Italy 1. Google executives face criminal charges in Italy Four Google executives are facing criminal charges in Italy for failing to control information posted to Google which included a video of teenager...

Comments: 0

PL&B International E-news, Issue 79

Please login or register to see this full article.

29/01/2009 by:

European Data Protection Supervisor adopts Opinion on ePrivacy Directive review, and security breach notification US Heartland Payment Systems admits illegal access to its customers’ credit card information Sony BMG Fined $1 million for Violating ...

Comments: 0

PL&B International E-news, Issue 78

Please login or register to see this full article.

24/12/2008 by:

Peter Hustinx reappointed as EU Data Protection Supervisor and Giovanni Buttarelli appointed as Assistant EU DP Supervisor 1. Peter Hustinx reappointed as EU Data Protection Supervisor and Giovanni Buttarelli appointed as Assistant EU DP Superviso...

Comments: 0

PL&B International E-news, Issue 77

Please login or register to see this full article.

22/12/2008 by:

Switzerland joins the EU in accepting the US Safe Harbor Framework EU Art. 29 Data Protection Working Party announces four more countries for its Binding Corporate Rules mutual recognition procedure 1. Switzerland joins the EU in accepting the US...

Comments: 0

PL&B International E-news, Issue 76

Please login or register to see this full article.

16/12/2008 by:

US Safe Harbor found to present privacy risks to consumers Society for Worldwide Interbank Transfers (SWIFT) approved by Belgian DPA EU DP Superivisor says IP addresses are protected Israel’s new anti-spam law now in force 1. US Safe Harbor found ...

Comments: 0

PL&B International E-news, Issue 75

Please login or register to see this full article.

08/12/2008 by:

European Court of Human Rights rules that the United Kingdom’s DNA storage violates privacy right 1. European Court of Human Rights rules that the United Kingdom’s DNA storage violates privacy right A Grand Chamber of 17 judges of the European Cou...

Comments: 0

PL&B International E-news, Issue 74

Please login or register to see this full article.

21/11/2008 by:

US President-elect Obama states his policies on privacy and transparency Large Australian fine for ignoring the Do Not Call Register Israeli database bill introduced European Commission appoints group to advise on its review of the EU Data...

Comments: 0

PL&B International E-news, Issue 73

Please login or register to see this full article.

28/10/2008 by:

DP Commissioners call for global rules US SEC fines broker-dealer Deutsche Telekom leaks customer data Germany's new national data protection amendments Uruguay gets new DP law EU data retention directive is legal, probably Spanish DP authority...

Comments: 0

PL&B International E-news, Issue 72

Please login or register to see this full article.

08/10/2008 by:

Article 29 WP announces 9-country mutual recognition BCR club French tax searches breach European Convention on Human Rights, again Article 29 Data Protection Working Party has many doubts about US electronic visas Google reduces data retention...

Comments: 0

PL&B International E-news, Issue 71

Please login or register to see this full article.

01/08/2008 by:

Council of Europe DP Treaty now open to non-European countries EU in Negotiations with US to hand over more personal data Japanese DP Law does not give private right of access to personal data 1. Council of Europe DP Treaty now open to non-Europea...

Comments: 0

PL&B International E-news, Issue 70

Please login or register to see this full article.

23/07/2008 by:

Israel announces twinning programme with Spain EU DP Working Party endorses speedier BCRs Strasbourg Court rules against British telephone-tapping 1. Israel announces twinning programme with Spain On 20th July, Israel’s Data Protection Authority...

Comments: 0

PL&B International E-news, Issue 69

Please login or register to see this full article.

08/05/2008 by:

Turkey’s legislature to debate a government data protection bill 38 million Italian tax returns published on-line CNIL orders shut down of France’s new police database 1. Turkey’s legislature to debate a government data protection bill Turkey’s...

Comments: 0

PL&B International E-news, Issue 68

Please login or register to see this full article.

30/04/2008 by:

EU Data Protection Supervisor supports data breach notification and legal action against spammers EU Article 29 Working Party sets short retention limit for search engines Online Rating of Employers – a Beginning? French court bans teacher rating...

Comments: 0

PL&B International E-news, Issue 67

Please login or register to see this full article.

22/02/2008 by:

Art. 29 DP Working Party decides that IP addresses are personal data European Court decides on copyright vs. privacy right 1. Art. 29 DP Working Party decides that IP addresses are personal data The Art. 29 Data Protection Working Party (the group...

Comments: 0

PL&B International E-news, Issue 66

Please login or register to see this full article.

12/02/2008 by:

China proposes a Data Protection Bill European Court decides on copyright vs. privacy right France’s CNIL enters conflict between EU privacy laws and US information demands Data Protection Authorities generally in favour of national data breach la...

Comments: 0

PL&B International E-news, Issue 65

Please login or register to see this full article.

24/01/2008 by:

European Court orders access over national veto EU Treaty confirms data protection and freedom of information Spain adopts new data protection regulation 1. European Court orders access over national veto The European Court of Justice, on 18th...

Comments: 0

PL&B International E-news, Issue 64

Please login or register to see this full article.

14/12/2007 by:

Lobbyists must be named - EU court rules that names of those attending meetings with the European Commission must be named 1. Lobbyists must be named - EU court rules that names of those attending meetings with the European Commission must be name...

Comments: 0

PL&B International E-news, Issue 63

Please login or register to see this full article.

22/11/2007 by:

The Netherlands Announces Binding Corporate Rules Innovation 1. The Netherlands Announces Binding Corporate Rules Innovation Developments to improve BCRs and outsourcing were announced at a meeting in The Hague of the Privacy Laws & Business...

Comments: 0

PL&B International E-news, Issue 62

Please login or register to see this full article.

08/11/2007 by:

Netherlands proposes heavy fines for ignoring stricter website rules SWIFT: Surprise decision by the Spain’s Data Protection Agency on its data processor status 1. Netherlands proposes heavy fines for ignoring stricter website rules The Netherland...

Comments: 0

PL&B International E-news, Issue 61

Please login or register to see this full article.

05/10/2007 by:

SWIFT announces new operating centre in Switzerland to avoid DP problems 1. SWIFT announces new operating centre in Switzerland to avoid DP problems SWIFT, the international financial communications body with headquarters in Belgium, has announced...

Comments: 0

PL&B International E-news, Issue 60

Please login or register to see this full article.

20/09/2007 by:

Luxembourg lightens data protection law 1. Luxembourg lightens data protection law On 1 September, Luxembourg modified its data protection law, removing some obligations to notify data processing to the CNPD (the national data protection authority...

Comments: 0

PL&B International E-news, Issue 59

Please login or register to see this full article.

12/09/2007 by:

New Zealand Privacy Commissioner Launches Draft Security Breach Guidelines 1. New Zealand Privacy Commissioner Launches Draft Security Breach Guidelines New Zealand Privacy Commissioner Marie Shroff has published a draft guide to help the public a...

Comments: 0

PL&B International E-news, Issue 58

Please login or register to see this full article.

20/07/2007 by:

SWIFT joins US Safe Harbor today 1. SWIFT joins US Safe Harbor today SWIFT announced today that to respond to EU criticisms on its privacy policies, it has joined the US Safe Harbor and plans to move its mirror operating site from the US to Europe...

Comments: 0

PL&B International E-news, Issue 57

Please login or register to see this full article.

28/06/2007 by:

The Art. 29 Data Protection Working Party discusses SWIFT, search engines’ retention policies and the definition of “personal data” Argentina appoints a new Data Protection Commissioner 1. The Art. 29 Data Protection Working Party discusses SWIFT,...

Comments: 0

PL&B International E-news, Issue 56

Please login or register to see this full article.

15/06/2007 by:

Privacy International criticises web company’s privacy policies Spain’s largest ever data protection law fine European Commission reviews Argentina’s adequacy status 1. Privacy International criticises web company’s privacy policies Privacy...

Comments: 0

PL&B International E-news, Issue 55

Please login or register to see this full article.

06/06/2007 by:

Dubai’s Data Protection Commissioner demands registration by 30th June  1. Dubai’s Data Protection Commissioner demands registration by 30th June Dubai is moving quickly to put its data protection regime fully into effect. First came the law (PL&B...

Comments: 0

PL&B International E-news, Issue 54

Please login or register to see this full article.

10/05/2007 by:

France’s CNIL Fines Tyco Healthcare for giving false information and non-cooperation European Court of Human Rights gives judgment on an employer’s monitoring of an employee’s personal communications   Italy’s DPA issues legally binding rules on...

Comments: 0

PL&B International E-news, Issue 53

Please login or register to see this full article.

12/02/2007 by:

Dubai Announces New Data Protection Law 1. Dubai Announces New Data Protection Law The Dubai International Financial Centre, in the United Arab Emirates, has a new data protection law, which entered into force on 8 January 2007.  The law, designed...

Comments: 0

PL&B International E-news, Issue 52

Please login or register to see this full article.

09/02/2007 by:

EU Data Protection Supervisor Rules on SWIFT Secret Data Protection Breaches 1. EU Data Protection Supervisor Rules on SWIFT Secret Data Protection Breaches Peter Hustinx, the European Data Protection Supervisor, adopted an opinion on 1 February...

Comments: 0

PL&B International E-news, Issue 51

Please login or register to see this full article.

21/12/2006 by:

Luxembourg users of SWIFT assure DPA of compliance with EU DP law 1. Luxembourg users of SWIFT assure DPA of compliance with EU DP law As a follow up to the previous international e-news (November 27th) and report in the December edition of Privac...

Comments: 0

PL&B International E-news, Issue 50

Please login or register to see this full article.

27/11/2006 by:

EU stops banks sending data to USA 1. EU stops banks sending data to USA The EU's Art. 29 Data Protection Working Party (consisting of the 25 member states's Data Protection commissioners) has told European Banks and SWIFT, which handles...

Comments: 0

PL&B International E-news, Issue 49

Please login or register to see this full article.

17/11/2006 by:

Belgian Data Protection Authority finds SWIFT in Breach of DP Law World Data Protection Commissioners urge action Inter-American Court Rules on Right to Know in Convention  1. Belgian Data Protection Authority Finds SWIFT in Breach of DP Law The...

Comments: 0

PL&B International E-news, Issue 48

Please login or register to see this full article.

13/10/2006 by:

Italy’s Data Protection Authority stops TV show on politicians' drug use $1million fine for US child privacy violation France’s CNIL uses its new fining power for the first time (update) US and EU reach interim PNR pact  1. Italy’s Data Protection...

Comments: 0

PL&B International Enews Issue 47

Please login or register to see this full article.

05/10/2006 by:

1. France’s CNIL uses its new fining power for the first time 2. Canadian Supreme Court Calls for Stronger Privacy Commissioner Powers 3. Russia’s new DP law to enter into force in February 2006 1. France’s CNIL uses its new fining power for the...

Comments: 0

PL&B International E-news, Issue 46

Please login or register to see this full article.

08/08/2006 by:

Russia adopts European-style data protection law 1. Russia adopts European-style data protection law Russia has joined the European data protection club and adopted a ‘need to know’ freedom of information act. On the last two days of its session, ...

Comments: 0

PL&B International E-news, Issue 45

Please login or register to see this full article.

24/07/2006 by:

SWIFT Interbank financial network responds to US regulator’s secret demand for data EU Art. 29 DP Working Party provides clarification to USA’s SEC on whistleblowing UK Information Commissioner issues new guidance on transferring personal data out...

Comments: 0

PL&B International E-news, Issue 44

Please login or register to see this full article.

01/06/2006 by:

European Court of Justice declares the EU/US air passenger data agreement illegal 1. European Court of Justice declares the EU/US air passenger data agreement illegal The European Court of Justice ruled yesterday that the EU/US agreement approving...

Comments: 0

PL&B International E-news, Issue 43

Please login or register to see this full article.

03/05/2006 by:

Ireland’s Minister for Justice, Equality and Law Reform drafts new Privacy Bill First Spam decision in Latin America Agencies are not protecting citizens’ security rights, says the US Government Accountability Office European Data Protection...

Comments: 0

PL&B International E-news, Issue 42

Please login or register to see this full article.

01/03/2006 by:

Art 29 DP Working Party adopts Opinion on whistleblowing schemes PL&B's Washington Director, Jane Horvath, appointed Chief Privacy Officer at US Department of Justice AOL sues gangs in Virginia, USA, over identity thefts, using new law 1. Art 29 D...

Comments: 0

PL&B International E-news, Issue 41

Please login or register to see this full article.

20/02/2006 by:

Honeywell investigates major security breach Hackers attack Greek government mobile phones ChoicePoint receives largest civil penalty in FTC history Nicole Kidman’s paparazzo avoids giving DNA sample Review of Australian Privacy Act 1998 US Bill...

Comments: 0

PL&B International E-news, Issue 40

Please login or register to see this full article.

30/01/2006 by:

New Italian law requires Internet cafes to record ID information on clients Australia to introduce legislation to aid information exchange in an emergency Federal Trade Commission releases progress report on US Congress’s antispam law Google fight...

Comments: 0

PL&B International E-news, Issue 39

Please login or register to see this full article.

28/11/2005 by:

The European Court of Justice’s Advocate General calls for annulment of European Council and Commission decisions regarding airline passenger data Medical records must not be used as film props France’s CNIL publishes new regulations on...

Comments: 0

PL&B International E-news, Issue 38

Please login or register to see this full article.

12/09/2005 by:

Australian Privacy Commissioner calls for review of Privacy Act Argentine court permits webcam Germany: Instant dismissal for private use of the internet during working hours 1. Australian Privacy Commissioner calls for review of Privacy Act...

Comments: 0

PL&B International E-news, Issue 37

Please login or register to see this full article.

14/07/2005 by:

France’s CNIL refuses to authorize whistle-blowing to US HQs Sweden responds to the changing interface of DP and IT Dutch libraries weigh RFID benefits against privacy threats 40 million credit cards vulnerable to fraud 1. France's CNIL refuses to...

Comments: 0

PL&B International E-news, Issue 36

Please login or register to see this full article.

06/04/2005 by:

Japan’s data protection comes into force EU approves guidelines for anti-fraud databases Europe urged to promote data protection officers Spain teams up with US in fight against spam US agencies publish security response guidelines 1. Japan’s data...

Comments: 0

PL&B International E-news, Issue 35

Please login or register to see this full article.

17/02/2005 by:

European regulators launch privacy consultations European Commission mulls internal privacy restructuring Hungary’s privacy chief speaks out against data protection law Europe launches anti-spam initiative Former Sonera executive face illegal...

Comments: 0

PL&B International E-news, Issue 34

Please login or register to see this full article.

14/01/2005 by:

EU to toughen up privacy controls Industry data transfer contracts get official approval Dutch regulator levies record spam fines 1. EU to toughen up privacy controls Data Protection Authorities across Europe have promised to get tough on...

Comments: 0

PL&B International E-news, Issue 33

Please login or register to see this full article.

29/10/2004 by:

EU backs business-friendly data transfer contracts 1. EU backs business-friendly data transfer contracts The European Commission is expected shortly to give official backing to a new set of contractual clauses that will help businesses meet their...

Comments: 0

PL&B International E-news, Issue 32

Please login or register to see this full article.

27/10/2004 by:

Safe Harbor privacy programme flawed says EU report UK set to respond to European Commission charges Telecoms operators cannot hide behind data protection law Ontario prepares for health privacy law 1. Safe Harbor privacy programme flawed says EU...

Comments: 0

PL&B International E-news, Issue 31

Please login or register to see this full article.

13/10/2004 by:

European regulators rethink data protection strategy Verizon wins privacy protection case British Columbia toughens privacy law California governor terminates privacy bills 1. European regulators rethink data protection strategy The EU's Data...

Comments: 0

PL&B International E-news, Issue 30

Please login or register to see this full article.

03/09/2004 by:

Indian outsourcing firms to undergo security checks California legislature approves outsourcing bill More US consumers asserting privacy rights Australian Privacy Commissioner investigates inaccurate credit records 1. Indian outsourcing firms to...

Comments: 0

Consultation on US COPPA changes

Please login or register to see this full article.

08/11/2011 by:

The US Federal Trade Commission, FTC, is seeking comments on proposed revisions to Children’s Online Privacy Protection Rule. The FTC’s Rule implements the Children’s Online Privacy Protection Act (COPPA), which provides protection for the...

Comments: 0

Ireland's DPA starts Facebook audit

Please login or register to see this full article.

08/11/2011 by:

A spokesperson at the Irish Data Protection Commission told PL&B on 7 November that the office commenced a comprehensive audit of Facebook Ireland at the end of October.  ‘This will assess Facebook's compliance with the requirements of the Irish...

Comments: 0

Proposals on European Union DP Directive revision expected end of January 2012

Please login or register to see this full article.

10/11/2011 by:

EU Justice Commissioner Viviane Reding confirmed on 7 November that the timetable for publishing proposals on the revision of the EU Data Protection Directive has been delayed, and proposals will be ready by the end of January 2012. Reding and...

Comments: 0

US FTC welcomes APEC privacy rules

Please login or register to see this full article.

17/11/2011 by:

The United States Federal Trade Commission (FTC) has welcomed the approval of APEC cross-border-privacy rules by APEC (Asia-Pacific Economic Cooperation) members in meeting in Hawaii on 13 November. The APEC privacy system aims at harmonising...

Comments: 0
Tags:

ECJ decision on Spain likely to have implications for all EU Member States and revision of the EU DP Directive

Please login or register to see this full article.

30/11/2011 by:

According to a 24th November decision by the European Court of Justice (ECJ), Spain’s data protection secondary regulations are not in compliance with the EU Data Protection Directive. The case, which was brought by ASNEF (National Association of...

Comments: 0

DP Regulation may introduce bigger fines but more flexibility for companies

Please login or register to see this full article.

08/12/2011 by:

The draft proposal of the EU Commission, leaked to the press at the beginning of December, proposes a General Data Protection Regulation, thus repealing EU Data Protection Directive 95/46, and a Police and Criminal Justice Data Protection Directiv...

Comments: 0

Facebook audit completed: Best practice recommendations for several key areas

Please login or register to see this full article.

22/12/2011 by:

In response to the audit conducted on Facebook Ireland (FB-I) by Ireland’s Data Protection Commissioner, FB-I has committed to either implement, or to consider positively, specific “best practice” improvements.   A key focus of the audit was to...

Comments: 0
Tags:

Monitoring of Employees allowed in Hungary and employment tribunals regulate employment privacy issues

Please login or register to see this full article.

03/01/2012 by:

Andrea Klara Soos (Attorney-at-law, Sooslaw, Budapest, Hungary, E-mail: andrea.soos@sooslaw.hu ) writes that Hungary replaced its Labour Code with a new legislation (“NLC”) which will enter into effect from 1 July 2012. The NLC’s purpose is to mak...

Comments: 0
Tags:

European Commission questions independence of Hungary’s new Data Protection Authority

Please login or register to see this full article.

03/01/2012 by:

Andrea Klara Soos (Attorney-at-law, Sooslaw, Budapest, Hungary, E-mail: andrea.soos@sooslaw.hu ) writes that Hungary has adopted a new data protection act with effect from 1 January 2012 (the “Info Act”) and is establishing a new authority for the...

Comments: 0

Mexico: DP regulations enter into force

Please login or register to see this full article.

11/01/2012 by:

The regulations of Mexico’s Federal Law for the Protection of Personal Data entered into force on 22 December 2011. The regulations deal with data subjects’ rights, security and breach notification provisions, cloud computing, consent and notice...

Comments: 0
Tags:

EU Commission takes legal action against Hungary and PL&B recommends amendments to overcome some of these problems

Please login or register to see this full article.

19/01/2012 by:

The EU Commission has concerns over the independence of Hungary’s data protection authority. The Commission’s view is that the current law which creates a new National Authority for Data Protection, replacing the Data Protection Commissioner...

Comments: 0

Proposals for EU DP Regulation: Mandatory DPOs and fines up to 2% of annual turnover

Please login or register to see this full article.

25/01/2012 by:

The European Commission proposes more accountability – no general notification duty – but bigger fines for non-compliance in the official proposals published today by the European Commission. The highest fine that was being planned, 5% of annual...

Comments: 0

Study published on role of DPOs in 14 EU countries

Please login or register to see this full article.

08/02/2012 by:

The Confederation of European Data Protection Organisations (CEDPO), established in September 2011, welcomes the introduction of Data Protection Officers (DPOs) for EU Member States, as proposed by the European Commission’s draft Data Protection...

Comments: 0

Malaysian DP Act to enter into force in June

Please login or register to see this full article.

16/02/2012 by:

Malaysia’s Information, Communications and Culture Minister, Datuk Seri Dr Rais Yatim, announced on 9 February that the Personal Data Act 2010 will be enforced from June 2012. According to Malaysia’s national news agency, Bernama, the minister mad...

Comments: 0
Tags:

EPIC: FTC has to stop Google’s privacy policy change

Please login or register to see this full article.

17/02/2012 by:

EPIC, the Electronic Privacy Information Center, based in the US, has sued the Federal Trade Commission (FTC) in an attempt to compel the FTC to act prior to 1 March, when Google plans to make changes to its terms of service so that individuals...

Comments: 0
Tags:

Spain: Supreme Court declares part of secondary legislation void

Please login or register to see this full article.

20/02/2012 by:

Spain's Supreme Court, which had submitted a question for a preliminary ruling to the European Court of Justice (ECJ) on the criteria for the processing of personal data without consent, has now declared void Article 10.2.b of the Spain's data...

Comments: 0
Tags:

US publishes Consumer Bill of Rights promoting voluntary codes

Please login or register to see this full article.

24/02/2012 by:

The Obama administration has issued a Consumer Privacy Bill of Rights with the aim of extending privacy protection to commercial sectors that are not subject to existing Federal data privacy laws. The Bill is based on Fair Information Practice...

Comments: 0

Google’s new privacy policy criticised by national DPAs in the EU

Please login or register to see this full article.

28/02/2012 by:

Isabelle Falque-Pierrotin, President of France's Data Protection Authority, the CNIL, on behalf of the EU's Article 29 Data Protection Working Party, says that Google’s new privacy policy does not meet the requirements of the EU Data Protection...

Comments: 0

Belgium approves BCR for J.P.Morgan's international transfers

Please login or register to see this full article.

19/03/2012 by:

The Belgian Data Protection Authority (DPA) approved, mid-March, J.P Morgan’s Binding Corporate Rules (BCR) application for its international transfers. This was made possible by a protocol agreed between the DPA and the Belgian Ministry of Justic...

Comments: 0
Tags:

EU and US find some common ground for their DP aims

Please login or register to see this full article.

21/03/2012 by:

There are common principles at the heart of both systems, says a joint statement issued at a high level  EU Conference on ‘Privacy and Protection of Personal Data’, held on 19 March. The statement, issued by EU Commission’s  Vice-President Viviane...

Comments: 0

EU DPAs: Some reservations on proposed EU DP Regulations

Please login or register to see this full article.

29/03/2012 by:

The EU Data Protection Authorities says that a 24-hour limit for breach notification, as proposed in the EU DP Regulations, could, under certain circumstances, not be feasible. The DPAs propose a 2-stage process where the controller would notify...

Comments: 0

Privacy laws progress in the Philippines, Singapore and Malaysia

Please login or register to see this full article.

18/04/2012 by:

The Philippines Senate passed on 20 March the Data Privacy Act, which is now waiting for reconciliation between the two Houses before it can be enacted. The Senate Bill covers both private and public sectors, and provides an exemption for the...

Comments: 0

Viviane Reding defends delegated acts in the EU DP proposals

Please login or register to see this full article.

08/05/2012 by:

Speaking at the European Data Protection Commissioners’ Spring Conference in Luxembourg on 3 May, EU Justice Commissioner, Viviane Reding, explained that the large number of delegated acts in the EU proposals for a Data Protection Regulation leave...

Comments: 0

FTC imposes 20 years of audits on Myspace

Please login or register to see this full article.

10/05/2012 by:

The Myspace social network has agreed to regular, independent privacy audits for the next 20 years as required by a settlement with the US Federal Trade Commission (FTC). The FTC found that the company’s  privacy policy was misleading.  Myspace wa...

Comments: 0
Tags:

No need for informed consent for authentication and session-ID cookies

Please login or register to see this full article.

12/06/2012 by:

The EU Data Protection Authorities have analysed the exemptions to the requirement for informed consent in the e-Privacy Directive, and conclude that some cookies can be exempted from informed consent under certain conditions, if they are not used...

Comments: 0

Facebook to pay $10 million to charity

Please login or register to see this full article.

19/06/2012 by:

Facebook Inc has agreed to settle a California lawsuit by paying $10 million to charity. Facebook was accused by five Facebook members of violating user rights in terms of them not having full control of their own names, photographs and likenesses...

Comments: 0
Tags:

EU DPAs prepare for future use of BCRs for processors

Please login or register to see this full article.

21/06/2012 by:

As the EU Data Protection draft Regulation specifically mentions Binding Corporate Rules (BCR) for processors or 'Binding Safe Processor Rules (BSPR)’, the EU Data Protection Authorities have now adopted a working document on this topic. This...

Comments: 0

EU Council developing its position on the EU DP draft Regulation

Please login or register to see this full article.

26/06/2012 by:

The Council Presidency’s note of 22 June to the Working Party on Data Protection and Exchange of Information reveals that almost all Member States’ delegations would like to see fewer delegated acts in the proposals. Also, several Member States sa...

Comments: 0

First Data applies for processor BCRs

Please login or register to see this full article.

06/07/2012 by:

Just a month after the EU Article 29 Data Protection Working Party adopted its Working Document on Processor Binding Corporate Rules, First Data announced at the Privacy Laws & Business 25th Annual International Conference this week that it has...

Comments: 0

Google fined $22.5m for monitoring of web surfing

Please login or register to see this full article.

14/08/2012 by:

The US Federal Trade Commission (FTC) has imposed its biggest ever fine on Google. Users of Apple’s Safari browser who had a "do not track" privacy setting selected were still being monitored, according to the FTC. According to the FTC’s complaint...

Comments: 0

US FTC orders Facebook to correct deceptive privacy settings and apps program

Please login or register to see this full article.

15/08/2012 by:

Following a public comment period, the US Federal Trade Commission (FTC) has accepted as final a settlement with Facebook which says the company shall not misrepresent in any manner the extent to which it maintains privacy or security for personal...

Comments: 0

New Zealand: Accident Compensation Corporation to be audited every two years

Please login or register to see this full article.

23/08/2012 by:

An independent review into to the privacy breach by the Accident Compensation Corporation (ACC) says that while the breach was a result of a genuine error, it happened due to systematic weaknesses within ACC’s culture, systems and processes. A...

Comments: 0

EU formally approves Uruguay’s adequacy

Please login or register to see this full article.

05/09/2012 by:

The European Commission issued its decision on 21 August on Uruguay’s adequacy for transfers of personal data from the European Union (Official Journal L 227, 23/08/2012). The Commission says that the legal standards for the protection of personal...

Comments: 0

Ireland's DPA satisfied with Facebook Ireland implementation of best practice recommendations

Please login or register to see this full article.

21/09/2012 by:

Ireland's Data Protection Commissioner, Billy Hawkes, says that he is satisfied with the great majority of steps that Facebook Ireland (FB-I) has taken to follow his best practice recommendations.  The DPA’s report on its re-audit of Facebook,...

Comments: 0

EU DPAs recommend Monaco to be considered as adequate for data transfers

Please login or register to see this full article.

28/09/2012 by:

The EU’s Data Protection Working Party has analysed the extent to which the Monaco DP regime fulfils the requirements for data transfers under the EU Data Protection Directive, and says that Monaco's DP law provides an adequate level of protection...

Comments: 0

EU DPAs want wide definition of personal data

Please login or register to see this full article.

11/10/2012 by:

The EU Art.29 Data Protection Working Party says that it is necessary to adopt a broad definition of personal data in the proposed EU DP Regulation framework. The group suggests that identification numbers, location data, online identifiers or oth...

Comments: 0

Singapore passes data protection Bill into law

Please login or register to see this full article.

16/10/2012 by:

Singapore's parliament passed a personal data protection bill on 15 October, reports Chinadaily.com.cn. The bill, which applies to the private sector, is set to become law in January 2013, with enforcement to begin 18 months later.  Singapore will...

Comments: 0
Tags:

EU DPAs ask Google to upgrade its Privacy Policy practices

Please login or register to see this full article.

16/10/2012 by:

Google’s controversial changes introduced in March to its European privacy policy have again been met with resistance by the EU Data Protection Authorities. The DPAs says that Google's privacy policy provides incomplete information and makes...

Comments: 0

Netherlands: New opt-in requirements for 3rd party email marketing

Please login or register to see this full article.

30/10/2012 by:

The Netherlands’ Independent Post and Telecommunications Authority (OPTA) has issued a decision according to which an opt-in consent for third-party commercial emails is only valid if the third parties are specified, as well as the type of data th...

Comments: 0

Spanish DPA leads EU fining league table but signs of DPA policy changing after a European Court decision

Please login or register to see this full article.

07/11/2012 by:

Spain’s national Data Protection Authority, the Agencia Española de Protección de Datos (AEPD), announced on 25th September that it imposed fines of 19,597,906 Euros in 2011. In the most recent years for which data is available, Spain’s fines...

Comments: 0

Google's civil penalty of $22.5 million now confirmed

Please login or register to see this full article.

20/11/2012 by:

A US federal judge in San Francisco on 16th November approved  the $22.5 million civil penalty imposed on Google, reports Associated Press. This penalty was announced in August as a settlement between the Federal Trade Commission (FTC) and Google...

Comments: 0

UK Leveson press privacy intrusion enquiry recommends self-regulation backed by law, jail sentences and fines

Please login or register to see this full article.

30/11/2012 by:

The UK parliamentary enquiry into culture, practices and ethics of the press, the so called Leveson enquiry, recommends the creation of an independent self-regulatory body, governed by an independent board. Importantly, the Report calls for jail...

Comments: 0

Malaysia - January 2013 'in force' likely

Please login or register to see this full article.

03/12/2012 by:

Malaysia's Personal Data Protection Act 2010 (PDPA) will finally come into force on 1 January 2013, according to reported statements by the Minister of Information, Communications and Culture of Malaysia, Datuk Seri Rais Yatim.  From that date, it...

Comments: 0
Tags:

One-stop-shop likely to stay in the EU DP Regulation?

Please login or register to see this full article.

06/12/2012 by:

The EU Data Protection draft Regulation proposes a one-stop-shop so that companies running a business in more than one EU Member State may, in future, work to one's country's interpretation of the Regulation. The country would be where the company...

Comments: 0

EU declares that New Zealand’s Privacy Act is “adequate”

Please login or register to see this full article.

20/12/2012 by:

The European Commission announced on 19th December that it had on that day recognised New Zealand’s Privacy Act as “adequate”. This decision follows more than 10 years of studies, the first of which was conducted by Privacy Laws & Business. These...

Comments: 0

Binding Corporate Rules for processors available to use from 1 January 2013

Please login or register to see this full article.

31/12/2012 by:

Data processors will be able to make use of Binding Corporate Rules (BCRs) for processors from 1 January  2013 in order to facilitate international data transfers. While the EU Data Protection Authorities’ Article 29 Data Protection Working Party...

Comments: 0

Ireland’s DPA starts to enforce "cookie" law

Please login or register to see this full article.

03/01/2013 by:

Ireland's Data Protection Commissioner, Billy Hawkes, has written to some 80 websites, asking them to provide information on the steps that they have taken to meet the so called "cookie" obligations. The list of companies includes many household...

Comments: 0

Irish presidency suggests watering down EU draft DP Regulation

Please login or register to see this full article.

18/01/2013 by:

An informal European Union justice ministers’ meeting taking place today in Dublin is discussing areas where the Irish presidency to the Council of the European Union sees scope for changes. The presidency says that the following issues should be...

Comments: 0

China’s first privacy protection national standard to enter into force on 1st February

Please login or register to see this full article.

23/01/2013 by:

China’s Ministry of Industry and Information Technology (MIIT) in Beijing announced on 21st January that a non-binding guideline urges organisations collecting personal data to obtain permission before collecting and using an individual’s personal...

Comments: 0

Dutch and Canadian DPAs challenge WhatsApp's compliance with their privacy laws

Please login or register to see this full article.

31/01/2013 by:

WhatsApp is in breach of data protection law, Canadian and Dutch data protection authorities have revealed. The Office of the Privacy Commissioner of Canada (OPC) and the Dutch Data Protection Authority say that the app violates their privacy laws...

Comments: 0

US FTC fines Path $800,000 and launches mobile app guidance

Please login or register to see this full article.

05/02/2013 by:

The US Federal Trade Commission (FTC) has imposed an $800,000 fine on Path, a social networking service. Path was allegedly collecting children's personal information without their parents’ consent, which is a breach of the Children’s Online Priva...

Comments: 0

EU cyber security Directive would create a stronger breach notification regime

Please login or register to see this full article.

10/02/2013 by:

The EU Commission issued  on 7 February a draft Directive for cyber security. The draft, entitled Directive on Network and Information Security, would oblige market operators and public administrations to report incidents that have a significant...

Comments: 0

EU DPAs warn Google about enforcement action

Please login or register to see this full article.

21/02/2013 by:

The EU Data Protection Authorities (DPAs) are to decide in their meeting on 26 February about starting joint enforcement action against Google for the faults  in the company’s new Privacy Policy. The DP Commissioners aim to establish a working...

Comments: 0

Netherlands' DPA issues new data security guidelines

Please login or register to see this full article.

22/02/2013 by:

The Dutch Data Protection Authority (DPA) published, on 19 February, new guidelines on the security of data processing. The new guidelines contain instructions on how to implement the security principles in practice, reports law firm Bird & Bird....

Comments: 0

Ireland to audit major social networking firms

Please login or register to see this full article.

27/02/2013 by:

Ireland's Data Protection Commissioner, Billy Hawkes, has announced that he will audit major social media companies. Ireland has a significant responsibility for the rest of Europe, as many of these companies have located their European headquarte...

Comments: 0
Tags:

EU DP Regulations likely to take a more risk-based approach

Please login or register to see this full article.

01/03/2013 by:

The EU draft DP Regulations should take a more risk-based approach, the EU Data Protection Authorities (DPAs) say. The EU Art. 29 DP Working Party considers that some of the provisions in the proposed Regulation may pose a burden on some...

Comments: 0

Evernote loses 50 million users' password data

Please login or register to see this full article.

08/03/2013 by:

Evernote, a web-based app to organise and store business and personal data, revealed on 5  February that hackers had gained access to the personal information of more than 50 million of its users. The information lost included encrypted password...

Comments: 0
Tags:

EU Commissioner Reding: The new EU DP framework is not just about consent

Please login or register to see this full article.

14/03/2013 by:

The EU Commissioner for Justice, Fundamental Rights and Citizenship, Viviane Reding, says that while explicit consent is one of the cornerstones of the proposal for a new EU DP framework, it is nothing new. “The current Directive states since 1995...

Comments: 0

EU DPAs on mobile apps: More transparency required

Please login or register to see this full article.

19/03/2013 by:

The EU Data Protection Authorities (DPAs) say that in most cases, data controllers’ will have to rely on individuals’ consent as a legal basis for the processing of their personal data, and that consent needs to be obtained before the app starts t...

Comments: 0

The CNIL plans to conduct 400 inspections this year in France

Please login or register to see this full article.

22/03/2013 by:

France’s Data Protection Authority, the CNIL, announced on 19 March that it aims to conduct some 400 inspections in 2013, reports law firm, Bird & Bird, Paris. A third of them will result from complaints received. CCTV will feature heavily as a...

Comments: 0
Tags:

EU starts discussions with APEC on finding a way to link their approaches to international transfers

Please login or register to see this full article.

05/04/2013 by:

The EU Art. 29 Data Protection Working Party announced at the end of March that there had been discussions in Jakarta, Indonesia, at the end of January and the beginning of March to find a common approach between the EU’s Binding Corporate Rules a...

Comments: 0

EU DPAs stress consent requirement for Big Data initiatives

Please login or register to see this full article.

12/04/2013 by:

The EU Member States' Data Protection Commissioners say that individuals’ consent is almost always needed for using personal data for Big Data operations, for example, detecting trends or individuals’ behaviour and attitudes. Consent should be fre...

Comments: 0

Uruguay's accession to CoE DP Convention paves way for it to become a wider international treaty

Please login or register to see this full article.

17/04/2013 by:

On 12 April 2013 the Council of Europe announced that Uruguay's accession to Convention 108 (and to its Additional Protocol) was complete. It will enter into force regarding Uruguay on 1 August 2013, making it the 45th state to become a party, and...

Comments: 0

Hamburg's DPA fines Google for Street View

Please login or register to see this full article.

22/04/2013 by:

The German city state of Hamburg has today issued a fine of 145,000 euros on Google for its data collection during Street View operations. The DPA says that the company collected personal data during 2008-2010 through unencrypted Wifi connections....

Comments: 0

US congress puts pressure on developing Do-Not-Track standard

Please login or register to see this full article.

25/04/2013 by:

In the hearing organised by US Senate Commerce Committee yesterday, its Chairman, Senator John D. Rockefeller, said that Do-Not-Track needs to become a reality, either voluntarily or through legislation. “It is now April 2013, and consumers are...

Comments: 0

DPAs from Europe, North America and Asia-Pacific monitor privacy policies on websites

Please login or register to see this full article.

09/05/2013 by:

Data Protection Authorities from around the globe are this week organising an “Internet Privacy Sweep” to examine the transparency of companies’ websites.  The initiative will help enforcement authorities to identify sites or apps which may warran...

Comments: 0

Vote on EU DP proposals now delayed

Please login or register to see this full article.

10/05/2013 by:

The lead rapporteur for the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) announced at a LIBE meeting on 6 May that the committee’s vote on the draft DP Regulation will be delayed due to around 3,000 amendment...

Comments: 0

Russia amends its DP laws

Please login or register to see this full article.

14/05/2013 by:

The office of the Russian President, Vladimir Putin, has announced that the president has signed the Federal Law on Amendments to Certain Legislative Acts of the Russian Federation following the Adoption of the Federal Law On Ratification of the...

Comments: 0
Tags:

Singapore’s Personal Data Protection Act to enter into force in July 2014

Please login or register to see this full article.

21/05/2013 by:

Singapore's Minister for Communications and Information, Dr Yaacob Ibrahim, has announced that the personal data protection requirements of the Personal Data Protection Act 2012 (PDPA) will enter into force on 2 July 2014. The Do Not Call Registry...

Comments: 0
Tags:

EU DP compromise proposal would make life easier for companies

Please login or register to see this full article.

10/06/2013 by:

The Council of the European Union, anxious to see progress with the draft EU DP Regulation before the Parliament’s summer recess, is suggesting a compromise deal which takes more of a risk-based approach. With regard to extra-territorial...

Comments: 0

DPAs query privacy aspects of Google Glass

Please login or register to see this full article.

20/06/2013 by:

DPAs have sent a letter to Google inviting the company to provide further information about Google Glass. The letter, sent by Canada’s Privacy Commissioner Jennifer Stoddart, and signed on behalf of the Article 29 Working Party by Chairman Jacob...

Comments: 0

France and Spain take action on Google

Please login or register to see this full article.

24/06/2013 by:

France’s DPA, the CNIL, has ordered Google to comply with France’s Data Protection Act within three months or otherwise it will impose sanctions on the company of up to up to 150,000 euros. Spain’s DPA has similarly warned Google that it could fac...

Comments: 0

EU DPAs may be given discretion to decide level of fines

Please login or register to see this full article.

05/07/2013 by:

A leaked document sent on 21 June from the Irish Presidency of the EU Council of Ministers to the Data Protection Working Party on Information Exchange and Data Protection (DAPIX) reveals that the administrative fines in the planned EU DP regulati...

Comments: 0

W3C rejects industry's Do-Not-Track proposal

Please login or register to see this full article.

22/07/2013 by:

The Digital Advertising Alliance (DAA) Do-Not-Track proposal has been rejected by the World Wide Web Consortium (W3C) that is seeking to design a solution that would let users block online "tracking" at browser level.  DAA, an US industry...

Comments: 0
Tags:

Brazil considers DP bill again

Please login or register to see this full article.

23/07/2013 by:

The Brazilian government is again discussing the possibility of creating a data protection agency and a data protection regulation. According to Pablo Palazzi, a solicitor at Allende & Brea, Buenos Aires, Argentina, the Data Protection Bill, draft...

Comments: 0
Tags:

China’s new DP Regulations to take effect on 1st September

Please login or register to see this full article.

31/07/2013 by:

China’s Ministry of Industry and Information Technology (MIIT) passed the Telecommunications and Internet Personal User Data Protection Regulations on 28 June 2013, to take effect on 1 September 2013. The MIIT has previously issued Regulations in...

Comments: 0

Cloud threatened: German DPAs stop granting permission for data transfers to non-EU countries

Please login or register to see this full article.

08/08/2013 by:

In a dramatic move to highlight the excessive surveillance by foreign intelligence services, Germany’s Data Protection Authorities have declared that until their Federal Government provides a plausible explanation on how to limit this access, new...

Comments: 0

South Africa passes Data Protection Bill

Please login or register to see this full article.

28/08/2013 by:

South Africa’s Parliament approved the Protection of Personal Information Bill on 22 August. The Parliament issued the following statement:  ‘The Bill gives expression to the right to privacy provided for in the Constitution. The right to privacy...

Comments: 0
Tags:

DP Commissioners to discuss assessment of risk at their September international conference

Please login or register to see this full article.

29/08/2013 by:

The 35th International Conference of Data Protection and Privacy Commissioners, hosted by Poland, 23-26 September, will discuss, among other things, assessment of risk related to data processing. Dr. Wojciech R. Wiewiórowski, Poland’s Data...

Comments: 0

DPAs: DP is not just the responsibility of apps developers

Please login or register to see this full article.

27/09/2013 by:

In a resolution adopted at the 35th International DPA conference in Warsaw on 24 September, DPAs from around the world stress that in addition to app developers, providers of operating systems should bear responsibility for privacy on the framewor...

Comments: 0

DPAs to strengthen enforcement cooperation

Please login or register to see this full article.

27/09/2013 by:

The Data Protection Authorities say that they will further strengthen their cooperation in order to ensure effective enforcement across jurisdictions. Speaking at the DPAs' 35th international conference in Warsaw on 26 September, UK Information...

Comments: 0

New Data Protection Authority for Japan

Please login or register to see this full article.

07/10/2013 by:

The Number Use Act 2013 establishes a new and independent Data Protection Authority to be set up in the first half of 2014. The Specific Personal Information Protection Commission will consist of a Chairman and six commission members, and will be...

Comments: 0
Tags:

EU Justice Ministers find common ground on DP draft Regulation

Please login or register to see this full article.

08/10/2013 by:

In a press conference on 7 October, EU Commissioner, Viviane Reding, declared that she is very happy about the progress made at the European Union’s Justice Council meeting. “Today the text [draft Data Protection Regulation] received very strong...

Comments: 0

Future of W3C Do-Not-Track in doubt

Please login or register to see this full article.

14/10/2013 by:

W3C’s (World Wide Web Consortium) working group on a US self-regulatory Do-Not-Track standard may stop its work as it has not been able to make much progress. At a vote, organised between 18 September and 9 October, a small majority of the 43...

Comments: 0

The Dutch government proposes mandatory breach notification

Please login or register to see this full article.

17/10/2013 by:

The Netherlands government’s proposal for mandatory data breach notification would require all organisations to inform the Dutch DPA of security breaches. According to law firm De Brauw Blackstone Westbroek in Amsterdam, a failure to notify would ...

Comments: 0

Critical times for EU DP draft Regulation as UK tries to delay it

Please login or register to see this full article.

01/11/2013 by:

At last week’s European Council meeting, the UK’s Prime Minister, David Cameron, pushed his counterparts to agree on a 2015 deadline, which could mean that the EU Data Protection Regulation would not be adopted under the current Commission, and th...

Comments: 0

UN to consider Internet privacy resolution

Please login or register to see this full article.

15/11/2013 by:

Germany and Brazil have called on the United Nations to adopt a resolution about online privacy, reports the Associated Press.  According to Associated Press, the draft resolution states that countries must protect the right to privacy as guarante...

Comments: 0

Malaysia’s long overdue Act now in force

Please login or register to see this full article.

20/11/2013 by:

Malaysia’s Personal Data Protection Act 2010 (PDPA) was finally brought into force on 15 November 2013, more than three years after it was enacted. A number of Regulations have come into force on the same day. All data users have three months from...

Comments: 0
Tags:

EU gives US Safe Harbor another chance

Please login or register to see this full article.

02/12/2013 by:

The EU Commission has now reviewed the working of the US Safe Harbor programme on transfers of personal data from the European Economic Area to the US, and says that it will wait until summer 2014 to see whether it will suspend, modify or even...

Comments: 0
Tags:

South Africa adopts comprehensive privacy law

Please login or register to see this full article.

02/12/2013 by:

A law heavily influenced by the EU draft DP Regulation and European DP tradition. Pamela Stein reports. After eight years of deliberations and numerous reviews, South Africa’s first comprehensive data protection law, the Protection of Personal...

Comments: 0

Greece: DP a priority for 2014 EU Presidency, legal wrangle at the EU Council

Please login or register to see this full article.

09/12/2013 by:

As we wait to see whether there will be any progress made by the end of the year, Greece, which will hold the next presidency of the EU, January to June 2014, has announced that it will ensure that data protection is high up on the agenda. On the...

Comments: 0

China’s consumer law amendments widen data protection

Please login or register to see this full article.

10/12/2013 by:

China’s National People’s Congress (NPC) Standing Committee (its second-highest legislative body) has amended the PRC’s Law on the Protection of Consumer Rights and Interests to include provisions on protection of personal information, along with...

Comments: 0
Tags:

NSA collection of metadata likely to be unconstitutional, US judge says

Please login or register to see this full article.

18/12/2013 by:

An opinion by a judge at the US District Court for the District of Columbia, given on 16 December, says that the mass collection of metadata by the US National Security Agency (NSA) is likely to violate the fourth amendment of the US constitution,...

Comments: 0

Germany appoints a new Federal DP Commissioner

Please login or register to see this full article.

19/12/2013 by:

Andrea Vosshoff is the new Federal Data Protection Commissioner after being elected a few minutes ago by the Bundestag with a majority of 403 votes. She is a CDU (Christian Democratic Union) politician, who sat in the Bundestag, the lower house of...

Comments: 0
Tags:

CNIL fines Google €150,000 for the failure of its privacy policy to comply with the law

Please login or register to see this full article.

09/01/2014 by:

The CNIL, France’s Data Protection Authority, issued a €150,000 monetary penalty on Google Inc. on 3 January saying that Google’s 2012 single privacy policy, applying to various Google services,  does not comply with France’s Data Protection Act....

Comments: 0

EDPS calls Germany to take the lead in negotiating the EU DP Regulation

Please login or register to see this full article.

16/01/2014 by:

The European Data Protection Supervisor, Peter Hustinx, has urged the German government to take the lead in trying to ensure that the EU DP reform takes place before the elections of the European Parliament and Commission in May this year. Speakin...

Comments: 0

Delay with EU DP draft Regulation - lack of political will or tricky technical issues?

Please login or register to see this full article.

23/01/2014 by:

Speaking at the Computers, Privacy and Data Protection conference in Brussels yesterday, Paul Nemitz, Director, Fundamental Rights and Citizenship part of the European Commission, argued that ministers have to take charge now for progressing the...

Comments: 0

Deadline for adopting the EU Data Protection Regulation shifted to the end of 2014

Please login or register to see this full article.

28/01/2014 by:

The stakeholders have agreed on a new deadline, the end of 2014, to give the ministers of the 28 EU Member States in the Justice Council an opportunity to agree on the remaining controversial issues. EU Justice Commissioner, Viviane Reding,...

Comments: 0

Invitation to take part in the ‘Big Data Protection’ Study

Please login or register to see this full article.

10/02/2014 by:

The Big Data Protection Research Project, sponsored by the Open University Business School, investigates how organisations can leverage big data while respecting individuals' privacy rights.  Responses are sought by 28 February 2014. The project...

Comments: 0
Tags:

German consumer organisations to be empowered to sue businesses for data protection law breaches

Please login or register to see this full article.

17/02/2014 by:

A draft Bill, scheduled for April, will allow consumer organisations to take businesses to court for non-compliance with Germany’s Data Protection Act, Justice Minister, Heiko Maas, announced on 11 February. Consumer rights organizations in German...

Comments: 0

New Chair and Vice-Chairs of the EU Art. 29 Data Protection Working Party elected this morning

Please login or register to see this full article.

27/02/2014 by:

Isabelle Falque-Pierrotin, the President of France’s CNIL was this morning elected as Chair of the EU Art. 29 Data Protection Working Party, the group where the 28 national Data Protection Authorities in the European Union co-ordinate their...

Comments: 0

Italy to increase inspections this year

Please login or register to see this full article.

28/02/2014 by:

In 2014, the Garante’s investigations will concentrate on especially on overseas call centres and mobile payment systems, Italy’s Data Protection Authority has announced. The inspection plan for the first six months of 2014 is to focus on the area...

Comments: 0
Tags:

EU Justice Ministers remain broadly committed to extending the DP Regulation’s territorial scope

Please login or register to see this full article.

06/03/2014 by:

At the EU’s Justice and Home Affairs Council meeting on 3 and 4 March, the Justice Minsters had a debate on the proposed EU Data Protection Regulation. They broadly supported the draft provisions regarding the territorial scope of the Regulation,...

Comments: 0

EU DPAs and APEC take a step towards mutual recognition of BCR/CBPR

Please login or register to see this full article.

10/03/2014 by:

 The EU Data Protection Authorities and the Asia-Pacific Economic Cooperation (APEC) economies have issued a checklist on the requirements that companies need to consider when applying for authorization of Binding corporate Rules (BCR) and/or...

Comments: 0
Tags:

EU-US ‘data protection umbrella agreement’ for judicial matters under preparation

Please login or register to see this full article.

27/03/2014 by:

Following the EU-US summit, President of the European Council, Herman Van Rompuy, said in a statement on 26 March:  ‘On the governmental track, we'll have an umbrella agreement on data protection by this summer, based on equal treatment of EU and ...

Comments: 0

The CNIL, France’s DPA, gains new online inspection powers

Please login or register to see this full article.

31/03/2014 by:

Law No. 2014-344 of 17 March 2014 amends France’s Data Protection Act giving the Data Protection Authority, the CNIL, the right to perform online checks. The new power allows the CNIL to remotely detect and react to data breaches on the Internet....

Comments: 0

Google pays 1 million euros fine in Italy for data collection by Street View

Please login or register to see this full article.

04/04/2014 by:

Google has agreed to pay the 1 million fine imposed for privacy breaches relating to data collection by unmarked Google Street View cars, Italy’s Data Protection Authority, the Garante, announced on 3 April. The case goes back to 2010 when the...

Comments: 0

The EU Court in Luxemburg rules that removal of Hungarian DPA was illegal

Please login or register to see this full article.

10/04/2014 by:

The European Court of Justice (ECJ) published its decision on 8th April that the removal of Dr. András Jóri from his position as Data Protection and Freedom of Information Ombudsman is an infringement of the independence of the Data Protection...

Comments: 0

Microsoft cloud wins EU approval

Please login or register to see this full article.

22/04/2014 by:

The EU’s Article 29 Data Protection Working Party (the coordination group for Member States’ Data Protection Authorities) states that Microsoft’s contractual commitments meet the requirements of the EU’s model clauses. This will reduce the number ...

Comments: 0

Brazil enacts Internet Bill of Rights

Please login or register to see this full article.

28/04/2014 by:

Brazil adopted Internet legislation on 23 April which establishes principles, guarantees, rights and obligations for Internet users and providers. According to this law (Marco Civil), use of the Internet in Brazil is founded on respect for freedom...

Comments: 0
Tags:

CNIL to conduct 200 online inspections this year

Please login or register to see this full article.

02/05/2014 by:

France’s Data Protection Authority, the CNIL, says that it will use its new power to conduct online inspections this year, and generally increase the number of inspections (see the international e-news on 31st March 2014). Overall, the DPA aims to...

Comments: 0

DPAs to conduct privacy enforcement sweep next week

Please login or register to see this full article.

08/05/2014 by:

27 Data Protection Authorities from around the world will be scrutinising organisations’ collection and use of personal information on mobile apps next week. This online sweep, to be carried out 12-18 May, and organised by the Global Privacy...

Comments: 0

Google’s search engine subject to EU data protection laws

Please login or register to see this full article.

13/05/2014 by:

The Court of Justice of the European Union has ruled that citizens have a right to request that Google delete their data from search results. In a case involving Google Spain, the court rules that although US-based, the search engine is the data...

Comments: 0

eBay suffers major data breach

Please login or register to see this full article.

23/05/2014 by:

eBay has asked users to change their passwords because of a cyber-attack that compromised a database containing passwords and other personal data such as names, email addresses, physical addresses, phone numbers and dates of birth. Cyber-attackers...

Comments: 0

Canada nominates new Privacy Commissioner

Please login or register to see this full article.

29/05/2014 by:

Canada’s Prime Minister, Stephen Harper, announced yesterday the nomination of Daniel Therrien as the next Privacy Commissioner of Canada. Mr. Therrien is currently Assistant Deputy Attorney General, Public Safety, Defence and Immigration Portfoli...

Comments: 0
Tags:

Google receives 12,000 requests as a result of ‘right to be forgotten’ ECJ decision

Please login or register to see this full article.

02/06/2014 by:

Google received 12,000 take-down requests from individuals on the first day it offered the service, 31 May, according to Agence France Presse . The number confirms earlier estimates given by the German daily Der Spiegel and reported in other media...

Comments: 0

Brazil’s Internet law enters into force 23 June

Please login or register to see this full article.

11/06/2014 by:

To mark the start of the World Cup, we would like to offer you some news on Brazil. Brazil’s ground-breaking Internet law establishes the principles, guarantees, rights and obligations for the use of the Internet in Brazil.  From now on,...

Comments: 0

Reding says that US Safe Harbor changes nearly agreed

Please login or register to see this full article.

16/06/2014 by:

Following suggestions made by the EU Commission last summer, the EU and the US are about to agree on how the Safe Harbor framework will be revised. Viviane Reding, EU Vice President and Commissioner for Justice, said on 6 June: “I think that 95% o...

Comments: 0
Tags:

German DPAs publish guidelines for mobile apps

Please login or register to see this full article.

23/06/2014 by:

The German Data Protection Authorities have published guidance for mobile apps due to app developers’ and application providers’ perceived lack of privacy knowledge, as demonstrated by their product and services. The guidelines comment on the lega...

Comments: 0
Tags:

Agreement on EU DP draft Regulation nearly certain during 2015

Please login or register to see this full article.

02/07/2014 by:

Different stakeholders, speaking at the Privacy Laws & Business 27th Annual International Conference yesterday, indicated that the draft data protection Regulation is now on an irreversible road. Peter Hustinx, European Data Protection Supervisor,...

Comments: 0

Russia’s Internet Privacy Act will have wide implications for foreign companies

Please login or register to see this full article.

16/07/2014 by:

Russia's State Duma (Lower House of Parliament) on 4th July and Federation Council (Upper House of Russia’s Parliament) on 9th July adopted amendments to Russia’s personal data protection act which require that personal data of all Russians is...

Comments: 0
Tags:

EU Art. 29 DP Working Party meets search engines to discuss “right to be forgotten”

Please login or register to see this full article.

25/07/2014 by:

The EU’s national Data Protection Authorities meeting as the EU Art. 29 DP Working Party yesterday had a meeting with the three major search engine companies, Google, Microsoft and Yahoo, to discuss the ways in which they have implemented the “rig...

Comments: 0

Brazil issues fine of 1.2 million euros under new Internet privacy law

Please login or register to see this full article.

12/08/2014 by:

Brazilian telecoms provider Oi has been fined 3.5 million reals (€1.2 million) for recording and selling its subscriber browser data, law firm Reed Smith reports. The fine, issued by the Brazilian Department of Consumer Protection and Defence...

Comments: 0
Tags:

Brazil: CORRECTION

Please login or register to see this full article.

12/08/2014 by:

PL&B's previous enews today about Brazil issuing a 1.2 million euros fine quoted the wrong legislation. According to Professor of Law, Danilo Doneda, the case was not based on Brazil's new Brazilian's internet law (Marco Civil da Internet), but...

Comments: 0
Tags:

New EU Commissioner: Right to be Forgotten must not delay reform

Please login or register to see this full article.

20/08/2014 by:

Newly appointed EU Justice Commissioner, Martine Reicherts, says that some parties are using the Right to be Forgotten (RTBF) to undermine the EU’s data protection reform. “They have got it wrong. And I will not let them abuse this crucial ruling ...

Comments: 0

CNIL issues public warning to Orange France

Please login or register to see this full article.

27/08/2014 by:

France’s Data Protection Authority, the CNIL, has sanctioned the mobile telephone company, Orange France, for a data security breach. A public warning, issued on 25 August, follows a security breach which jeopardised personal data of more than one...

Comments: 0

Verizon to pay $7.4 million for its data protection failures

Please login or register to see this full article.

08/09/2014 by:

Verizon has agreed to pay $7.4 to settle an investigation brought by US Federal Communications Commission’s Enforcement Bureau. The Commission found that Verizon had failed to inform some two million customers of their privacy rights prior to...

Comments: 0
Tags:

Ireland appoints new DP Commissioner

Please login or register to see this full article.

11/09/2014 by:

Ireland has appointed Helen Dixon as the new Data Protection Commissioner. Ms Dixon has previously held senior management positions with the Companies Registration Office and the Department of Jobs, Enterprise and Innovation. According to the Iris...

Comments: 0
Tags:

Juncker nominates his new European Commission: EU DP Regulation to be concluded by May 2015

Please login or register to see this full article.

12/09/2014 by:

Jean-Claude Juncker, the incoming President of the European Commission, nominated his team of commissioners on 10 September and set their data protection agenda. Andrus Ansip, former Prime Minister of Estonia, who has been nominated as...

Comments: 0

Home Depot loses 56 million customers’ credit card data and offers remediation

Please login or register to see this full article.

23/09/2014 by:

The US retailer Home Depot has confirmed that credit card details of potentially 56 million of its customers have been compromised due to a cyber attack. By the time the company learned on 8 September from banks and law enforcement that it had bee...

Comments: 0
Tags:

Nominee for EU Commissioner on data protection questioned by European Parliament

Please login or register to see this full article.

02/10/2014 by:

Vĕra Jourová, candidate for the post of EU Commissioner for Justice, Consumers and Gender Equality, said in a European Parliament hearing yesterday that she would ‘strive for the adoption of the [data protection] reform package within the first si...

Comments: 0

DPAs meet in Mauritius: Big Data, surveillance burning issues

Please login or register to see this full article.

16/10/2014 by:

The 36th International Conference of Data Protection and Privacy Commissioners, taking place in Mauritius this week, discussed yesterday the role of Big Data in society and the threat of surveillance systems. Jacob Kohnstamm, Chairman of the...

Comments: 0

DPAs adopt resolution on enforcement cooperation

Please login or register to see this full article.

16/10/2014 by:

Members of the International Conference of Data Protection and Privacy Commissioners say that they will further enhance their enforcement cooperation by agreeing to develop a secure international information platform to share confidential...

Comments: 0
Tags:

Some Mauritius Conference last day highlights

Please login or register to see this full article.

17/10/2014 by:

Ethics, Fundamental Rights and Big Data was discussed yesterday at the 36th International Conference of Data Protection and Privacy Commissioners. Some highlights: What is the motivation behind the risk? There is an analogy between chemistry and b...

Comments: 0

European Parliament’s LIBE committee: Buttarelli for EDPS post

Please login or register to see this full article.

22/10/2014 by:

The European Parliament’s Civil Liberties Committee voted yesterday to nominate  Giovanni Buttarelli as top candidate for the post of European Data Protection Supervisor (EDPS). Buttarelli is currently Assistant Supervisor. The Committee would lik...

Comments: 0

US Federal Communications Commission fines two phone companies $10 million

Please login or register to see this full article.

04/11/2014 by:

The US Federal Communications Commission (FCC) issued, on 24 October, a 10 million dollar fine for breaching consumer privacy and data security. The phone companies, TerraCom and its affiliate YourTel America, claimed in their privacy policies tha...

Comments: 0

TRUSTe settles charges with US FTC for failures in its privacy seal programme

Please login or register to see this full article.

21/11/2014 by:

 The US Federal Trade Commission (FTC) has charged TRUSTe, US-based provider of privacy certifications for online businesses, for deceiving consumers about its recertification program for companies’ privacy practices. The FTC Chairwoman, Edith...

Comments: 0
Tags:

EU Parliament and Council appoint Giovanni Buttarelli as EDPS

Please login or register to see this full article.

01/12/2014 by:

Giovanni Buttarelli has been appointed as European Data Protection Supervisor for the period of 1 December 2014 to 30 November 2019. The Assistant Supervisor will be Wojciech Wiewiórowski. "The [European Parliament’s] Civil Liberties Committee has...

Comments: 0
Tags:

EU Council of Ministers takes a step away from total harmonisation

Please login or register to see this full article.

05/12/2014 by:

At the EU Council of Ministers Home and Justice Affairs meeting 4 December in Brussels, the ministers agreed a partial general approach on data processing in the public sector.  This proposal by the Council would allow for some flexibility for the...

Comments: 0

DPAs write to app developers and demand transparency

Please login or register to see this full article.

10/12/2014 by:

23 privacy authorities from around the world have written to operators of app marketplaces, including Google Play and the Apple App Store, to make it mandatory for mobile app developers to post links to privacy policies prior to download if they a...

Comments: 0
Tags:

Snapchat settles with FTC and agrees to biannual audits

Please login or register to see this full article.

05/01/2015 by:

Snapchat has agreed to biannual, independent third party audits for the next 20 years as part of its settlement with the US Federal Trade Commission (FTC). The company had allegedly violated the FTC Act by deceiving customers with promises about t...

Comments: 0
Tags:

Obama announces plans for US federal privacy law

Please login or register to see this full article.

15/01/2015 by:

Speaking at the US Federal Trade Commission on 12 January, President Barack Obama announced his plans for a Consumer Privacy Bill of Rights. The Obama administration issued a white paper on consumer privacy in February 2012 and the Commerce...

Comments: 0
Tags:

Chile is preparing a new data protection law

Please login or register to see this full article.

21/01/2015 by:

Chile is in the progress of drafting a new privacy law which would be more in line with EU style provisions. "The Bill is not yet before the Congress but there was a public consultation last July," Paulina Silva of Carey y Cia said at the CPDP...

Comments: 0
Tags:

Albrech optimistic about 2015 deadline for EU DP Regulation

Please login or register to see this full article.

23/01/2015 by:

Jan Albrecht, MEP and data protection rapporteur at the European Parliament on the draft EU DP Regulation is optimistic about  the Council reaching its negotiating position by this summer. "I am optimistic that we can reach a solution in 2015. But...

Comments: 0

Germany approves Bill to establish collective action for enforcement of consumer/data protection rights

Please login or register to see this full article.

09/02/2015 by:

After approval by Germany’s federal cabinet, the legislature will now consider how to make the enforcement of consumer and data protection rights more effective. The draft law would improve the civil enforcement of consumer protection provisions o...

Comments: 0

Brazil issues Data Protection Bill

Please login or register to see this full article.

12/02/2015 by:

The Brazilian government issued a Draft Bill for the Protection of Personal Data (Anteprojeto de Lei para a Proteção de Dados Pessoais) on 28 January 2015. Privacy Laws & Business constantly monitors legislative developments round the world. See o...

Comments: 0
Tags:

New EU DP Supervisor to focus on external relations

Please login or register to see this full article.

13/02/2015 by:

In an exclusive interview with Laura Linkomies, PL&B Editor, newly appointed European Data Protection Supervisor, Giovanni Buttarelli, explained that his priority over the next five years is to be proactive in promoting a culture of data protectio...

Comments: 0
Tags:

Microsoft adopts ISO 27018 cloud code of practice

Please login or register to see this full article.

25/02/2015 by:

In Microsoft’s most recent audit for ISO 27001, ISO auditors have verified that Microsoft incorporates controls that comply with the ISO 27018 code of practice for the protection of personal data in the cloud ( PL&B International Report October 20...

Comments: 0

Italy’s DPA extends its reach to audit Google’s US headquarters and possibly other companies

Please login or register to see this full article.

26/02/2015 by:

The Garante, Italy’s DP Authority, is requesting changes to Google’s privacy policy to bring it into line with Italy’s data protection law. Google has until 15 January 2016 to comply. The decision includes the opportunity for the Garante to conduc...

Comments: 0
Tags:

Obama administration issues a draft Privacy Bill of Rights

Please login or register to see this full article.

03/03/2015 by:

The text of the draft privacy Bill of Rights, labelled a ‘discussion draft’, would severely restrict the collection and processing of consumer data. This wide-ranging bill, based on the existing Fair Information Practice Principles (FIPPs), would...

Comments: 0

Netherlands’ DPA and US FTC sign Memorandum of Understanding

Please login or register to see this full article.

11/03/2015 by:

The Netherlands’ Data Protection Authority and the US Federal Trade Commission (FTC) signed a memorandum of understanding (MOU) on 9 March “to enhance information sharing and enforcement cooperation on privacy-related matters.” While the agencies...

Comments: 0

Council reaches partial general agreement on the One-Stop-Shop

Please login or register to see this full article.

16/03/2015 by:

The "One-Stop-Shop" will apply only in important cross-border cases, the Council of the European Union announced on 13 March. It said that EU Justice Ministers have reached a partial general approach on specific issues in the EU DP draft Regulatio...

Comments: 0

Japan plans to amend its law and allow for inspections

Please login or register to see this full article.

27/03/2015 by:

Japan’s Cabinet decided on 10 March to amend the 2003 Act on the Protection of Personal Information. Dr. Hiroshi Miyashita, Associate Professor, Chuo University, Tokyo, informed PL&B that both the House of Representatives and the House of...

Comments: 0
Tags:

Criminal sanctions and compensation for moral damages result from misuse of CCTV images contrary to registration with France’s CNIL

Please login or register to see this full article.

08/04/2015 by:

By a judgment of February 24, 2015, the Paris Court of Appeal issued criminal sanctions both against a restaurant “La Closerie des Lilas” and its manager, for misuse of a CCTV system which had been put in place for security purposes and not to...

Comments: 0
Tags:

DPAs support UN resolution on privacy

Please login or register to see this full article.

10/04/2015 by:

The International Conference of Data Protection and Privacy Commissioners (ICDPPC) announced on 9th April their support for a UN Human Rights Council Resolution titled: “The right to privacy in the digital age” which was adopted on 28th March. The...

Comments: 0
Tags:

The Global Privacy Enforcement Network increases in size and scope

Please login or register to see this full article.

15/04/2015 by:

The Global Privacy Enforcement Network, GPEN, is working towards the launch of a secure Internet-based platform that will allow GPEN members to alert other members about investigations and find out whether other members are investigating the same...

Comments: 0
Tags:

Argentina adopts new regulations on CCTV and Do Not Call registry

Please login or register to see this full article.

16/04/2015 by:

Argentina has enacted two new regulations: the first one is related to sanctions and the recently adopted national Do Not Call registry, and the second one is about CCTV. The new Sanctions Regulation (Disp. 9/2015) provides a new scale of fines (u...

Comments: 0
Tags:

EU wants agreement on Safe Harbor by the summer

Please login or register to see this full article.

17/04/2015 by:

According to Vera Jourova, EU Commissioner for Justice, Consumers and Gender Equality, the EU is seeking to resolve key issues on the US Safe Harbor agreement with the US by 28 May, the date of the EU-US Justice and Home Affairs Ministerial Meetin...

Comments: 0
Tags:

Japan's legislature discusses new privacy law and EU adequacy

Please login or register to see this full article.

24/04/2015 by:

Japan's Diet (Parliament) is expected to have intensive discussions in May about privacy law reform, including the proposal for an independent data protection authority.   In a plenary session in the House of Representatives on 23 April,  the...

Comments: 0

Privacy advocacy NGOs worried about compromises in new EU DP regime

Please login or register to see this full article.

27/04/2015 by:

NGOs from the European Union and around the globe, including European Digital Rights (EDRi), Privacy International and US-based Electronic Privacy Information Center (EPIC), have expressed concern over the proposed changes to the draft EU Data...

Comments: 0

Italy’s DPA launches consultation on Internet of Things

Please login or register to see this full article.

05/05/2015 by:

The Garante, Italy’s Data Protection Authority, is inviting comments on the Internet of Things (IoT) in order to gain insights for defining rules and safeguards in this area, especially to ensure maximum transparency and to avoid abuse of people’s...

Comments: 0

Belgium’s DPA: Facebook subject to Belgian law

Please login or register to see this full article.

19/05/2015 by:

Facebook is disregarding Belgian and European Data Protection legislation, Belgium’s Data Protection Authority says. The DPA has adopted a recommendation, as opposed to a decision, which says that this was a necessary step after months of...

Comments: 0

Italians concerned about privacy but willing to exchange data for commercial incentives

Please login or register to see this full article.

20/05/2015 by:

Italians are well aware of their privacy rights, suggests an online survey conducted by Italy’s Direct Marketing Association, supported by Consodata (a Seat Pagine Gialle Company), a marketing and communications agency, and launched at a media eve...

Comments: 0
Tags:

Australia regards metadata as personal data

Please login or register to see this full article.

22/05/2015 by:

The Australian Privacy Commissioner has ruled that telco metadata on the phone calls a person receives and sends is 'personal information' and therefore access rights apply. The requester, a journalist, wanted access to all the metadata informatio...

Comments: 0

The Netherlands introduces mandatory data breach notification

Please login or register to see this full article.

29/05/2015 by:

  The Netherlands First Chamber passed a Bill on Data Breach Notification on 26 May, law firm De Brauw Blackstone Westbroek reports. It will be mandatory for all types of data controllers to notify  breaches of personal data. Failure to notify is...

Comments: 0
Tags:

France’s DPA says audits are a higher priority

Please login or register to see this full article.

05/06/2015 by:

France’s Data Protection Authority, the CNIL, said at the end of May that it intends to conduct 550 inspections in 2015. Of these, some 350 will be on-site or off-site inspections and the rest will be conducted online. The CNIL says that it will...

Comments: 0
Tags:

Germany’s DPA criticises data retention bill

Please login or register to see this full article.

11/06/2015 by:

Andrea Vosshoff, Germany’s Federal Data Protection Commissioner, says that the government bill, due to be debated in parliament tomorrow, 12 June, is a disproportionate interference in German, but also in European fundamental rights. Vosshoff...

Comments: 0

EU Council reaches agreement on EU DP Regulation

Please login or register to see this full article.

15/06/2015 by:

Today, Justice Ministers in the Council reached a General Approach on the new data protection rules confirming the approach taken in the Commission's proposal back in 2012. Trilogue negotiations between the Council, the European Parliament and the...

Comments: 0

EU DPAs: New Regulation must not lower DP standards

Please login or register to see this full article.

19/06/2015 by:

The EU Art. 29 DP Working Party says that the new regulatory framework should not undermine the core principles and rights established in the DP Directive. The DPAs consider that the proposal to enable controllers to process data for a purpose tha...

Comments: 0

Canada introduces mandatory breach notification

Please login or register to see this full article.

22/06/2015 by:

The Digital Privacy Act, adopted on 18 June, introduces an explicit obligation to notify individuals in cases of breaches, and report to the Office of the Privacy Commissioner of Canada if it is "reasonable in the circumstances to believe that the...

Comments: 0
Tags:

Trilogue on EU DP Regulation starts with optimistic notes

Please login or register to see this full article.

24/06/2015 by:

Speaking after the first Trilogue meeting today, Jan Philipp Albrecht, Rapporteur for the European Parliament said that agreement between the Trilogue parties may be achieved by the end of the year, together with agreement on the so called EU Poli...

Comments: 0

Julie Brill, FTC Commissioner, at PL&B’s 28th Annual International Conference, Cambridge, on the FTC’s Privacy Leadership Role in the US

Please login or register to see this full article.

14/07/2015 by:

Julie Brill, Commissioner, Federal Trade Commission, has now published her presentation (see link below) on the FTC’s Privacy Leadership Role in the US which she gave at on 7th July in Cambridge at PL&B’s 28th Annual International Conference,...

Comments: 0

UN appoints Special Rapporteur on Privacy

Please login or register to see this full article.

22/07/2015 by:

The United Nations appointed on 1 July Joseph Cannataci as a Special Rapporteur on the Right of Privacy for the next three years. The rapporteur’s mandate includes to: identify possible obstacles to the protection of the right of privacy,  identif...

Comments: 0
Tags:

European Data Protection Supervisor gives his Opinion on the EU DP Trilogue negotiations via a new app

Please login or register to see this full article.

27/07/2015 by:

Today, Giovanni Buttarelli, European Data Protection Supervisor, followed up his announcement on 7th July at PL&B’s 28th Annual International Conference by launching an app which not only gives his Opinion on the Trilogue negotiations but also...

Comments: 0

New Director of Spain’s Data Protection Authority announces her strategy

Please login or register to see this full article.

28/07/2015 by:

Following her appointment on 24 July, Mar España Martí, the new Director of Spain’s national Data Protection Authority (Agencia Española de Protección de Datos - AEPD), was introduced to the media on 27 July at the AEPD’s office in Madrid by Justi...

Comments: 0
Tags:

HK Commissioner covers privacy in a democracy and management advice in his end of term statement

Please login or register to see this full article.

03/08/2015 by:

Allan Chiang, Hong Kong’s Privacy Commissioner for Personal Data, announced the end of his five year term of office today with a statement reviewing some highlights. He referred to tensions between privacy and freedom of the press. He has recently...

Comments: 0

New Hong Kong Commissioner starts today

Please login or register to see this full article.

04/08/2015 by:

Stephen Kai-yi WONG has today started his five year term as the Privacy Commissioner for Personal Data, Hong Kong. He states: “I will work with all the stakeholders to protect personal data privacy rights, with a view to ensuring proper protection...

Comments: 0

CNIL shows France’s PSG Football Club a yellow card

Please login or register to see this full article.

06/08/2015 by:

The CNIL, France’s DP Authority, has ordered Paris Saint-Germain Football Club (PSG Football), one of France’s leading soccer clubs, to properly manage its file for excluding spectators from the stadium. There is a legal framework for excluding...

Comments: 0

France adopts controversial surveillance Act

Please login or register to see this full article.

11/08/2015 by:

As a result of the Charlie Hebdo shootings, France has adopted a law that enables its intelligence agencies to monitor phone calls and emails of suspected terrorists without prior authorisation from a judge. The Bill, which was approved by France'...

Comments: 0

Germany’s DPAs: Purpose limitation must not be weakened

Please login or register to see this full article.

28/08/2015 by:

Germany’s Data Protection Commissioners declare that the principle of purpose limitation must not be weakened by the proposed EU Data Protection draft Regulation. The German DPAs issued a press release on 26 August in which they oppose the proposa...

Comments: 0

Russian data localisation law now in force but some leeway for non-Russian Internet companies

Please login or register to see this full article.

02/09/2015 by:

Russia's data localisation law, which also applies to websites of foreign companies, entered into force on 1 September (PL&B International Report February 2015 p.6). But large Internet companies, Google, Twitter and Facebook, have lobbied the...

Comments: 0

Japan adopts amendment to its DP Act

Please login or register to see this full article.

03/09/2015 by:

Japan’s Diet has today, 3 September, amended the Act on the Protection of Personal Information. The amended Act will establish a “Personal Information Protection Commission” as of 1 January 2016. The amendment was due to be passed in the summer bu...

Comments: 0
Tags:

EU-US umbrella agreement on law enforcement finalised

Please login or register to see this full article.

08/09/2015 by:

European Union negotiations with the US government for an international data protection framework agreement in the law enforcement area (so-called ‘Umbrella Agreement’) have been finalised. According to Reuters, the parties have reached agreement ...

Comments: 0

EDPS to set up a European Ethics Advisory Board

Please login or register to see this full article.

11/09/2015 by:

European Data Protection Supervisor, Giovanni Buttarelli, is today calling for broader discussion, both in the European Union and globally, on how to ensure the integrity of our values while embracing the benefits of new technologies. To ensure th...

Comments: 0
Tags:

Safe Harbor is invalid as a guarantee of privacy, says AG of European Court of Justice

Please login or register to see this full article.

24/09/2015 by:

The Court of Justice of the European Union’s Advocate General, Yves Bot, has issued an opinion on the EU-US Safe Harbor saying that it is invalid as an automatic assurance of privacy due to breaches of fundamental rights of privacy and data...

Comments: 0
Tags:

CJEU will give its decision on Safe Harbor on 6 October

Please login or register to see this full article.

29/09/2015 by:

It has been confirmed that the legal status of the US EU Safe Harbor Framework, in its current form, will be decided by the Court of Justice of the European Union next Tuesday, 6 October. A decision was not expected for several weeks, but the...

Comments: 0
Tags:

CJEU: EU-US Safe Harbor framework is invalid

Please login or register to see this full article.

06/10/2015 by:

The Court of Justice of the European Union (CJEU) has in its decision today declared that transfers of personal data from the EU to the US cannot rely on the Safe Harbor framework agreement. The Court said that it is for the national Data Protecti...

Comments: 0
Tags:

EU Council reaches common position on draft Data Protection Directive

Please login or register to see this full article.

13/10/2015 by:

The EU Council has agreed its negotiating position on the draft Data Protection Directive for the law enforcement area. This in an important step as the Trilogue parties working on the EU Draft DP Regulation had agreed that the two instruments nee...

Comments: 0

DPAs ready to take enforcement action if no solution found to US transfers by end of January 2016

Please login or register to see this full article.

19/10/2015 by:

On 6 October, the Court of Justice of the European Union (CJEU) declared the Safe Harbor Decision of the European Commission invalid. www.privacylaws.com/Publications/enews/International-E-news/Dates/2015/10/CJEU-EU-US-Safe-Harbour-framework-is-in...

Comments: 0

US on its way to adopt Judicial Redress Act and hopefully facilitate transfers from the EU

Please login or register to see this full article.

21/10/2015 by:

The US House of Representatives agreed yesterday to move forward the Judicial Redress Bill, which would ensure some foreigners the right to pursue their privacy rights in US courts. There was overwhelming bipartisan support for the Bill which will...

Comments: 0

No easy way forward for EU-US transfers of personal data

Please login or register to see this full article.

28/10/2015 by:

The EU DPAs, and the EU Commission are frantically searching for solutions to the problem of the European Court of Justice declaring the US-EU Safe Harbor to be invalid. While the EU and the US are still negotiating a new framework, there are...

Comments: 0
Tags:

DPA conference debates transatlantic privacy solutions but fails to find any so far

Please login or register to see this full article.

29/10/2015 by:

The Data Protection Authorities' 37th International Privacy Conference, hosted by the Netherlands DPA, has held discussions on practical solutions to privacy challenges between the EU and the US. Opening the conference, Chairman of the Netherlands...

Comments: 0
Tags:

EU Commissioner Vĕra Jourová says protection of personal data more than a “European” fundamental right

Please login or register to see this full article.

30/10/2015 by:

EU Commissioner, Vĕra Jourová, yesterday told the 37th International Privacy Conference in Amsterdam that the ECJ’s decision in the Schrems case “reaffirms once more that personal data protection is a fundamental right and that it applies also whe...

Comments: 0
Tags:

Belgian court orders Facebook to stop collecting personal data from non-Facebook users

Please login or register to see this full article.

10/11/2015 by:

The Brussels tribunal of first instance yesterday issued an injunction against Facebook to stop it collecting personal data from non-Facebook users in Belgium. The injunction, initiated by Willem Debeuckelaere, President, Belgium’s Commission for...

Comments: 0

Facebook receives Europe’s highest ever DP fine

Please login or register to see this full article.

13/11/2015 by:

Following PL&B’s e-news on the Belgian Facebook case on 11th November, it is now clear that the fine of 250,000 Euros is per day. The Belgian DPA’s website states: “The Court imposes a penalty upon Facebook amounting to 250,000 EUR per day that it...

Comments: 0

Safe Harbor solution by January 2016, Jourová says

Please login or register to see this full article.

17/11/2015 by:

Speaking in Washington yesterday, EU Commissioner responsible for data protection, Věra Jourová, said that she is confident a solution for EU-US data transfers will be found by January 2016 because: 1. “we have clear guidelines from Europe's highe...

Comments: 0
Tags:

Facebook to comply with Belgium’s ruling on cookies

Please login or register to see this full article.

03/12/2015 by:

Facebook says it has changed its practice for non-Facebook users accessing Facebook so that it will comply with the Belgian Tribunal of First Instance decision of 9 November. This means that anyone without a Facebook account in Belgium will now ha...

Comments: 0

EU Cyber Security Directive brings in data breach notification for many sectors

Please login or register to see this full article.

09/12/2015 by:

The EU Trilogue on the Network and Information Security Directive, the so-called Cyber Security Directive, was completed on 7 December.  A data breach notification duty will apply to providers of key infrastructure, such as energy, transport, and...

Comments: 0

EU DP Regulation Trilogue agreement by the end of the year still possible

Please login or register to see this full article.

10/12/2015 by:

Věra Jourová, European Commissioner for Justice, said at Forum Europe’s 6th Annual DP and Privacy Conference in Brussels today that the EU Data Protection Regulation is in its “final stages….The European Commission will support its implementation…...

Comments: 0

Political agreement reached on the EU DP Regulation and Directive

Please login or register to see this full article.

16/12/2015 by:

Yesterday, the EU Council, European Parliament and European Commission negotiators agreed the data protection package – the general DP Regulation and the so-called ‘Police’ Directive. The next step is a confirmation vote at the European Parliament...

Comments: 0

European Parliament LIBE committee approves DP package

Please login or register to see this full article.

17/12/2015 by:

The European Parliament’s Civil Liberties, Justice and Home Affairs [LIBE] Committee approved the data protection package this morning. The next step will be a vote in full Parliament in the new year. The Council has to organise a vote too, but th...

Comments: 0

Russia: Right to be Forgotten law in force from 1 January

Please login or register to see this full article.

30/12/2015 by:

Russia’s “Right to be Forgotten Law”, signed by President Putin on 13 July 2015, will enter into force on 1 January 2016. The Law imposes an obligation on search engines that disseminate advertisements targeted at consumers located in Russia to...

Comments: 0
Tags:

EDPS publishes priorities and work programme for 2016

Please login or register to see this full article.

08/01/2016 by:

The European Data Protection Supervisor (EDPS) plans to comment on the EU Commission’s Implementing  Decision on EU-US data flows (Commission Communication COM(2015) 566); monitor developments for a new arrangement for transatlantic data transfers...

Comments: 0
Tags:

Business leaders urge EU and US to meet Safe Harbor deadline

Please login or register to see this full article.

19/01/2016 by:

BusinessEurope, the US Chamber of Commerce, DigitalEurope and the Information Technology Industry Council (ITI) have written to EU negotiators and President Obama stressing how important it is to find a solution before the end of the month....

Comments: 0
Tags:

EU GDPR implementation: Many obstacles to tackle

Please login or register to see this full article.

27/01/2016 by:

In a panel discussion at the CPDP conference today in Brussels, Bruno Gencarelli from the European Commission said that the Commission would now look into developing tools for compliance such as codes of conduct. Jan  Philip Albrecht from the...

Comments: 0

EU will announce on Monday whether new Safe Harbor agreement has been found

Please login or register to see this full article.

28/01/2016 by:

In a feisty exchange of words with Paul Nemitz, Director at European Commission for Fundamental Rights, US Federal Trade Commissioner Julie Brill  said today at the CDPD conference in Brussels that 'there are very good proposals on the table now, ...

Comments: 0
Tags:

Facebook v. Belgian DPA case to go to appeal and a German case moves up to the Federal Court

Please login or register to see this full article.

29/01/2016 by:

Willem Debeuckelaere, President, Belgium’s Privacy Commission has informed PL&B that the Facebook v. Belgian DPA case (PL&B International Report December 2015 p.1) is to go to the Appeal Court. The hearing is scheduled for 11 May. The wider EU...

Comments: 0

No deal yet for EU-US data transfers

Please login or register to see this full article.

02/02/2016 by:

Věra Jourová, European Commissioner for Justice, addressed the European Parliament’s LIBE Committee yesterday evening, 1 February, to inform the MEPs of the state of play in the negotiations. “Negotiations are still ongoing, including at the...

Comments: 0
Tags:

Political agreement found for new EU-US data transfer deal

Please login or register to see this full article.

03/02/2016 by:

The EU Commission announced yesterday that it has finalised negotiations with the United States on a renewed framework for transatlantic data flows of personal data. While the European Commission claims that this will create legal certainty for...

Comments: 0

CNIL gives Facebook 3 months to fix consent or face sanctions

Please login or register to see this full article.

10/02/2016 by:

France’s Data Protection Regulator, the CNIL, has issued Facebook with a formal notice which states that it expects the company to comply with France’s Data Protection Act within three months. The issue in question is about fair collection of...

Comments: 1
Tags:

What will the new European Data Protection Board mean for companies?

Please login or register to see this full article.

15/02/2016 by:

The EU Data Protection Authorities have published their Article 29 DP Working Party programme. It highlights the level of cooperation needed and the importance of the European Data Protection Board (EDPB) which will replace the Article 29 DP Worki...

Comments: 1

Catalan Data Protection Authority launches Data Protection by Design competition

Please login or register to see this full article.

19/02/2016 by:

Barbarà Fondevila, Maria Àngels, Director, Catalan Data Protection Authority, based in Barcelona, has launched a competition to find an app or technological solution developed anywhere that best showcases “applications or systems that improve the...

Comments: 0

Poland’s DPA says enforcement against ex-Safe Harborites is a possibility

Please login or register to see this full article.

22/02/2016 by:

Poland’s Data Protection Commissioner, Dr Edyta Bielak-Jomaa, has issued a statement which says that in the absence of a new framework for EU-US data transfers, the authority is prepared to consider any complaints in this regard, even if they were...

Comments: 0

German consumer law creating new DP rights enters into force today

Please login or register to see this full article.

24/02/2016 by:

Germany’s “Act to Improve the Civil Enforcement of Consumer Protection Provisions of Data Protection Law”, published on 17 February and entering into force today, 24 February 2016, enables consumer protection associations to file privacy cases in...

Comments: 0
Tags:

EU Commission issues Privacy Shield details and draft adequacy decision

Please login or register to see this full article.

29/02/2016 by:

The "adequacy decision" for EU-US personal data transfers, drafted by the EU Commission, as well as the texts that will constitute the EU-US Privacy Shield have been published today. The EU Commission concludes that the United States ensures an ...

Comments: 0

US enacts law to provide some privacy rights for EU citizens

Please login or register to see this full article.

01/03/2016 by:

President Obama signed, on 24 February, the Judicial Redress Bill which gives Europeans the right to sue the United States for unlawful disclosure of personal information. The new right is the same as that afforded to American citizens under the...

Comments: 0

DPAs’ Enforcement Network grows in numbers and reach

Please login or register to see this full article.

21/03/2016 by:

The Data Protection Authorities’ Global Privacy Enforcement Network (GPEN), now has 59 privacy enforcement authority members in 43 jurisdictions. In 2016, GPEN intends to increase membership from under-represented regions (Africa, Asia, South...

Comments: 0

German competition policy agency investigates Facebook for infringement of DP rules

Please login or register to see this full article.

01/04/2016 by:

The German Bundeskartellamt has initiated proceedings against Facebook on suspicion of the company having abused its dominant market positon by infringing data protection rules. The German competition policy agency is investigating Facebook Inc.,...

Comments: 0

Privacy Shield debate heats up as we wait for DPAs opinion

Please login or register to see this full article.

04/04/2016 by:

The Privacy Shield framework provides an 'essentially equivalent' level of protection for personal data transferred from the EU to the US, Hogan Lovells LLP privacy lawyers conclude in their 63-page legal analysis commissioned by the Information...

Comments: 0

EU Council of Ministers publishes updated version of the General Data Protection Regulation

Please login or register to see this full article.

08/04/2016 by:

The EU Council of Ministers has published a new version of the General Data Protection Regulation, dated 6 April 2016.  PL&B understands that technical/linguistic work has clarified some of the unclear wording in the text that was adopted by a...

Comments: 0

Turkey adopts data protection law

Please login or register to see this full article.

08/04/2016 by:

Turkey’s Data Protection Law was published yesterday, 7 April in the Official Gazette. Assistant Professor Elif Küzeci from Bahcesehir University, Istanbul, told PL&B that this is the most significant step for data protection in Turkey so far. The...

Comments: 0
Tags:

EU DPAs: In the absence of the EU-US Privacy Shield, BCRs can be used for now / GDPR to be adopted tomorrow

Please login or register to see this full article.

13/04/2016 by:

EU DPAs:  In the absence of the EU-US Privacy Shield, BCRs can be used for now In a press conference today, the Chair of the EU Data Protection Working Party, Isabelle Falque-Pierrotin (also President of France’s DPA, the CNIL), said that the...

Comments: 0

European Parliament adopts Data Protection Regulation: Enters into force by July

Please login or register to see this full article.

14/04/2016 by:

The European Parliament’s plenary session this afternoon adopted the EU Data Protection Regulation. It is expected that it will enter into force by July, 20 days after its publication in the EU Official Journal. Its provisions will be directly...

Comments: 0
Tags:

EU Commission starts revision of e-privacy Directive

Please login or register to see this full article.

18/04/2016 by:

The European Commission launched, on 12 April, a public consultation on the revision of the e-Privacy Directive. It is expected that the Commission will issue a legislative proposal on e-privacy by the end of this year. The Consultation consists o...

Comments: 0
Tags:

UN Special Rapporteur on the Right to Privacy is finding resources to do his job

Please login or register to see this full article.

19/04/2016 by:

At yesterday’s ASSO DPO conference in Milan, Dr Joseph Cannataci, United Nations Special Rapporteur on the Right to Privacy, told PL&B that, although he receives a low official budget (PL&B International Report April 2016 pp.10-12), in fact, he is...

Comments: 0
Tags:

UK ICO urges US to answer DPAs’ Privacy Shield questions

Please login or register to see this full article.

29/04/2016 by:

The UK Information Commissioner, Christopher Graham, says that the questions the EU DPA’s Article 29 Data Protection Working Party posed on the proposed EU-US Privacy Shield should be answered as a first priority. “The Article 29 Group has posed...

Comments: 0

EU DP Regulation in force 25 May 2018: Time to start preparing for compliance

Please login or register to see this full article.

05/05/2016 by:

The EU Data Protection Regulation was published in the European Union’s Official Journal yesterday, and will enter into force on 25 May 2018. Together with EU Regulation 2016/679, the European Commission has published the text of the so-called...

Comments: 0
Tags:

Dynamic IP addresses can be personal data, CJEU says

Please login or register to see this full article.

13/05/2016 by:

The Advocate General of the Court of Justice of the European Union ( CJEU) issued an opinion yesterday in the case Patrick Breyer v. Federal Republic of Germany which suggests that dynamic Internet Protocol (IP) addresses fall within the EU Data...

Comments: 0
Tags:

EU Cyber Security Directive expected to enter into force in August

Please login or register to see this full article.

18/05/2016 by:

The European Union is preparing to have the Network and Information Security (NIS) Directive (Cyber Security Directive) in force from August 2016. The EU Presidency has announced that the Council adopted its position in its first reading on 17 May...

Comments: 0

Ireland to challenge model clauses as basis for international transfers

Please login or register to see this full article.

26/05/2016 by:

Ireland’s  Data  Protection  Commissioner is planning  to  refer the Facebook case back to  the  Court  of  Justice  of  the  European  Union  (CJEU)  to  determine  if  Facebook can  continue  to  transfer  data  from  the  EU  to  the  US  by...

Comments: 0

EDPS: Privacy Shield is not good enough

Please login or register to see this full article.

08/06/2016 by:

The European Data Protection Supervisor (EDPS) has issued an Opinion in which he says that the proposed EU-US Privacy Shield is not robust enough. Giovanni Buttarelli, EDPS, said: "I appreciate the efforts made to develop a solution to replace Saf...

Comments: 0

EU-US Privacy Shield talks continue: Update at PL&B’s Conference

Please login or register to see this full article.

17/06/2016 by:

The Article 31 Committee, consisting of EU Member States’ representatives, will meet again on 20 and 29 June in an attempt to agree the draft adequacy decision for EU to US international data transfers under the proposed EU-US Privacy Shield. The ...

Comments: 0

CNIL launches GDPR consultation

Please login or register to see this full article.

20/06/2016 by:

France’s Data Protection Authority, the CNIL, has started a consultation on some of the GDPR (EU Data Protection Regulation) issues in order to help the EU Article 29 Data Protection Working Party (DPWP) in its work. The President of the CNIL,...

Comments: 0
Tags:

Facebook wins privacy case in Belgium

Please login or register to see this full article.

30/06/2016 by:

The Belgium Court of Appeal has overturned the DPA’s decision on Facebook not being compliant with Belgium’s data protection law. The case concerned Facebook using a cookie to monitor non-Facebook members’ browsing habits when they visit Facebook...

Comments: 0

Privacy Shield to be adopted next week

Please login or register to see this full article.

05/07/2016 by:

Speaking at Privacy Laws & Business 29th Annual International Conference in Cambridge, Bruno Gencarelli, Head of EU Data Protection Unit said that the Article 31 Committee will be voting on the Privacy Shield pact this week, and following a positi...

Comments: 0

EU-US Privacy Shield now agreed

Please login or register to see this full article.

11/07/2016 by:

The EU-US Privacy Shield, the data transfer agreement between the EU and the US was agreed last Friday 8 July by the EU Member States’ Article 31 Committee representing the 28 Member States. This package, replacing the Safe Harbor agreement, will ...

Comments: 0

Privacy Shield adopted: Certifications can be filed from 1 August

Please login or register to see this full article.

13/07/2016 by:

The EU Commission adopted the Privacy Shield yesterday for transfers of personal data from the EU to the US. The adequacy decision has been notified to the 28 EU Member States and thereby enters into force immediately. The Privacy Shield framework...

Comments: 0

CNIL orders Microsoft to comply with France’s data protection law

Please login or register to see this full article.

22/07/2016 by:

On 20 July, France’s Data Protection Authority, the CNIL, served Microsoft with a formal notice that it must comply with France’s data protection law within three months. The CNIL states that the Windows 10 operating system collects excessive...

Comments: 0
Tags:

EU DPAs: Further improvements required for EU-US Privacy Shield

Please login or register to see this full article.

26/07/2016 by:

The EU Data Protection Authorities say that they welcome the changes made to the EU-US Privacy Shield’s final version. But several concerns remain regarding both the commercial aspects and the access by US public authorities to data transferred fr...

Comments: 0

Tentative take-up of Privacy Shield

Please login or register to see this full article.

17/08/2016 by:

Only 35 companies have so far been certified to the EU-US Privacy Shield, which became operational on 1 August. The programme has stricter requirements than its predecessor, Safe Harbor, which in the end had some 5,500 participants. However, large...

Comments: 1

Ashley Madison site used a fabricated security trustmark

Please login or register to see this full article.

24/08/2016 by:

Canada’s Federal Privacy Commissioner and Australia’s Privacy Commissioner have concluded in their joint investigation into Ashley Madison’s 2015 data breach that the Toronto-based company had serious faults in its data security. For example, the...

Comments: 0

South Africa on its way to appoint a regulator

Please login or register to see this full article.

13/09/2016 by:

On 7 September, South Africa’s National Assembly approved the nomination of Pansy Tlakula as the Chairperson of the Information Regulator to enforce the Protection of Personal Information Act 2013 (POPI) and positions of other full time and part...

Comments: 0

EU-US Privacy Shield gains momentum

Please login or register to see this full article.

22/09/2016 by:

Some 200 US companies have now been certified to the EU-US Privacy Shield, Ted Dean, Deputy Assistant Secretary for Services at the US Department of Commerce said today at a privacy conference in Germany. Another 300 companies are being reviewed,...

Comments: 0

Bavaria issues GDPR guidance on sanctions

Please login or register to see this full article.

27/09/2016 by:

Germany’s state of Bavaria Data Protection Authority for the private sector has provided organisations with some guidance on compliance with the EU General Data Protection Regulation (GDPR). The guidance, issued on 1 September, provides informatio...

Comments: 0

EDPS calls for regulators’ cooperation and scepticism on Big Data mergers

Please login or register to see this full article.

03/10/2016 by:

The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, says that we need to see more accountability in Big Data mergers. “Regulators should have a healthy scepticism on these, and be more conversant with new technology.” Buttarelli...

Comments: 0
Tags:

100+ DPAs gather in Morocco to discuss developing privacy issues

Please login or register to see this full article.

20/10/2016 by:

Data Protection Authorities from all over the world are currently meeting in Marrakesh, Morocco for their 38th International Privacy Conference. The DPAs and stakeholders debated yesterday data privacy as a driver for sustainable development,...

Comments: 0

US pleased with 500 Privacy Shield certifications so far

Please login or register to see this full article.

21/10/2016 by:

“We are very pleased that participation in the EU-US Privacy Shield has exceeded expectations,” Shannon Coe from the US Department of Commerce said. Speaking at the international DPAs’ conference in Marrakesh yesterday, Coe confirmed that the...

Comments: 0

EU DPAs target WhatsApp and Yahoo – 1st step in enhanced enforcement cooperation

Please login or register to see this full article.

28/10/2016 by:

The EU Article 29 Data Protection Working Party (WP29) has sent a letter to WhatsApp saying that they have serious concerns regarding the sharing of information within the “Facebook family of companies”. The DPAs say that the Terms of Service and...

Comments: 0
Tags:

Government gives green light to GDPR implementation

Please login or register to see this full article.

04/11/2016 by:

The Secretary of State for Culture, Media and Sport (CMS), Karen Bradley MP, told the CMS Select Committee on 24 October about her meeting at the Department for Exiting the European Union with the Secretary of State, and discussion about...

Comments: 0
Tags:

German DPAs launch enquiry on international transfers to non-EU countries

Please login or register to see this full article.

07/11/2016 by:

Ten German state and city level DPAs, coordinated by Bavaria’s DPA, have started a survey of 500 companies’ practices regarding international data transfers. The state and city level DPAs that are involved are: Bavaria, Berlin, Bremen, Hamburg,...

Comments: 0

Russia blocks LinkedIn as a result of data localisation requirement

Please login or register to see this full article.

18/11/2016 by:

In an unprecedented move, the Russian DPA, Roskomnadzor yesterday, 17 November, blocked access to the LinkedIn website in order to comply with a Moscow City Court ruling on 10 November. The court found that the company was in breach of the data...

Comments: 0

DPAs to issue GDPR guidance by the end of December

Please login or register to see this full article.

01/12/2016 by:

EU Data Protection Authorities are promising to issue the first parts of their guidance on the EU Data Protection Regulation (GDPR) soon after their plenary meeting on 12-13 December. Guidance can be expected on Data Protection Officers (DPOs), da...

Comments: 0

Leaked EU proposal: Regulation for the revision of e-Privacy Directive

Please login or register to see this full article.

14/12/2016 by:

The EU Commission’s draft proposal for the revision of the e-Privacy Directive suggests GDPR-style fines and a Regulation, directly applicable in all the European Union Member States, rather than a Directive. While the formal proposal is expected ...

Comments: 0
Tags:

EU DPAs issue GDPR guidance on data portability, DPOs and lead authority

Please login or register to see this full article.

16/12/2016 by:

The EU Article 29 Data Protection Working Party adopted, during its 12-13 December meeting: • Guidelines and FAQs on the right to Data Portability, • Guidelines and FAQs on Data Protection Officers (DPOs) and • Guidelines and FAQs on the Lead...

Comments: 0

Argentina amends its DP Act to facilitate international transfers

Please login or register to see this full article.

05/01/2017 by:

Argentina has adopted a new regulation on international transfers of personal data which allows companies to use model contract clauses.   Pablo Palazzi, partner at the law firm Allende & Brea in Buenos Aires, Argentina, says that under the new...

Comments: 0
Tags:

EU to start adequacy talks with Japan and Korea

Please login or register to see this full article.

11/01/2017 by:

The EU Commission sets the strategic framework for "adequacy decisions" as well as other tools for data transfers and international data protection instruments in its Communication published yesterday, 10 January. The Commission says that it will...

Comments: 0

US and Switzerland sign Privacy Shield agreement

Please login or register to see this full article.

13/01/2017 by:

The United States and Switzerland, on 12 January 2017, agreed the Swiss-US Privacy Shield Framework as a valid legal mechanism to comply with Swiss requirements when transferring personal data from Switzerland to the United States. The Swiss-US...

Comments: 0

MEPs call for more guidance on GDPR

Please login or register to see this full article.

25/01/2017 by:

Speaking at the CPDP conference in Brussels today, Axel Voss, MEP and member of the European Parliament's LIBE committee said that there is an urgent need for more interpretations on the GDPR. He said that the DPAs should clarify concepts very...

Comments: 0
Tags:

EU-US Privacy Shield threatened by Trump executive order

Please login or register to see this full article.

27/01/2017 by:

President Trump's Executive Order from yesterday would take away privacy protection from non-US citizens in the US, and thus put the EU-US Privacy Shield in danger. Jan Philip Albrecht, MEP, tweeted yesterday at the CPDP conference on hearing the...

Comments: 0

Australia adopts law on mandatory data breach notification

Please login or register to see this full article.

14/02/2017 by:

The Privacy Amendment (Notifiable Data Breaches) Bill 2016 passed both Houses of Parliament on 13 February. Unless the Government fixes a date for commencement by Proclamation, the law will enter into force 12 months from the date the Bill receive...

Comments: 0

EU DPAs ask US further questions on the Privacy Shield

Please login or register to see this full article.

22/02/2017 by:

The dust has somewhat settled on President Donald Trump’s Executive Order threatening the privacy rights of non-US citizens, but the EU DPAs remain vigilant regarding the implementation of the EU-US Privacy Shield. The DPAs decided, in their 7...

Comments: 0

US privacy organisations call for annulment of the EU-US Privacy Shield

02/03/2017 by:

Human Rights Watch and the American Civil Liberties Union (ACLU) have written to EU Commissioner for Justice, Véra  Jourová, saying that given the recent changes to US policies and oversight structures, they believe that the assurances that the...

Comments: 0

Italy issues highest ever fines in EU for a DP breach

13/03/2017 by:

Italy’s Data Protection Authority, the Garante, on 10 March fined five companies in excess of 11 million euros for the unlawful processing of personal data. The data breach was discovered in the context of a broader financial police (Guardia di...

Comments: 0

Data Protection by Design Award entry date extended to 30 March

14/03/2017 by:

The Catalan Data Protection Authority (DPA) has extended the entry date to 30th March for the 5th edition of its Data Protection by Design Award with 5,000 and 2,000 euros money prizes and marketing opportunities. Àngels Barbarà i Fondevila, Catal...

Comments: 0
Tags:

EU-US Privacy Shield review now promised for September

05/04/2017 by:

During her visit to the US last week to discuss the EU-US Privacy Shield with the new US administration, EU Commissioner for Justice, Věra Jourová, said that a review of the progress with the programme will take place in September this year. She...

Comments: 0

EU DPAs welcome expanding the scope of e-Privacy

10/04/2017 by:

The EU Data Protection Authorities welcome the expansion of the scope of the current e-Privacy Directive to include Over-The-Top (OTT) providers such as WhatsApp. The regulators also say that the EU Commission’s plan to introduce the new rules as ...

Comments: 0
Tags:

EU DPAs consult on Data Protection Impact Assessments

19/04/2017 by:

The EU Article 29 Working Party is inviting comments on its proposed guidelines on Data Protection Impact Assessments (DPIAs). DPIAs are mandatory under the EU General Data Protection Regulation (GDPR) when processing is “likely to result in a hig...

Comments: 0
Tags:

Germany on its way to adopting a GDPR implementation Act

28/04/2017 by:

The German Bundestag yesterday adopted the Bill on the adjustment of the Federal Data Protection Act (DSAnpUG-EU) to implement the provisions of the EU General Data Protection Regulation. Now it is up to the Federal Council to approve the law, whi...

Comments: 0
Tags:

EDPS addresses DPOs in Italy

08/05/2017 by:

Speaking at the ASSO DPO conference in Milan today, Giovanni Buttarelli, European Data Protection Supervisor said that  everyone needs to do their homework on the EU General Data Protection Regulation - DPOs, national legislators and Data Protecti...

Comments: 0
Tags:

Facebook fined €150,000 by France’s DPA and WhatsApp €3 million by Italy’s antitrust body

16/05/2017 by:

France’s Data Protection Authority, the CNIL, has today issued a fine of 150,000 euros on Facebook Inc and Facebook Ireland in an enforcement programme coordinated with four other Data Protection Authorities. The regulator says the company is in...

Comments: 0

May 2018 deadline for EU e-Privacy Regulation may be unrealistic

19/05/2017 by:

The EU Council’s Maltese Presidency’s progress report on the EU Commission’s proposal for an e-Privacy Regulation reveals that while Member States are still preparing their national positions, some delegations are already asking for greater...

Comments: 0
Tags:

EU Commission seeks views on EU-US Privacy Shield compliance

07/06/2017 by:

To help it conduct the first annual review of the EU-US Privacy Shield, the EU Commission has issued a questionnaire to trade bodies and some other organisations in order to seek feedback on compliance issues. The annual review, to take place in...

Comments: 0

Microsoft makes changes to its DP compliance as a result of regulatory action in France

29/06/2017 by:

Microsoft has made changes to how it processes personal data as a direct response to a formal notice in July 2016 by France’s Data Protection Authority, the CNIL. At the time, the regulator said that the company had excessive data collection...

Comments: 0
Tags:

Companies’ GDPR readiness not at the level where it should be

03/07/2017 by:

A survey, conducted by Privacy Laws & Business, reveals that less than a half of the respondents have created a breach notification procedure even though breach notification to regulators will be mandatory from next May under the EU Data Protectio...

Comments: 0
Tags:

PL&B conference gathers together privacy experts from 20+ countries

05/07/2017 by:

Privacy Laws & Business 30th Annual International Conference in Cambridge gathered together the main stakeholders in the data protection field for a three-day event 3-5 July. Speaking yesterday was the UK Information Commissioner Elizabeth Denham,...

Comments: 0
Tags:

Japan may soon receive an EU adequacy decision

10/07/2017 by:

The EU Commission hopes to issue Japan with an adequacy decision on international data transfers by early 2018. A joint statement of 4 July by Věra Jourová, EU Commissioner for Justice, and Haruhi Kumazawa, a Commissioner of Japan’s Personal...

Comments: 0
Tags:

Archive

Tag cloud