PL&B International, Issue 149
October 2017

Lead story:
East meets West: Converging regimes, different approaches

Data Protection Authorities discussed legislative frameworks, data transfers and new technologies


Current subscribers click here to view this issue

Issue price: £105 + VAT

Also includes:

  • East meets West: Converging regimes, different approaches
  • Poland takes further steps to adjust to the GDPR
  • Can the GDPR create a new global standard?
  • EU-US Privacy Shield – success so far
  • ‘Speaking the inconvenient truth’: UN Special Rapporteur on privacy
  • Asian privacy scholars meet
  • Privacy in eight South Asian States
  • European data privacy standards in laws outside Europe
  • Industrial Internet of Things: Data privacy and intellectual property
  • Austria amends DP law to comply with GDPR provisions
  • Iceland shows how an EEA country steers parallel to the EU
  • South Korea faces GDPR hurdles
  • Austria amends DP law to comply with GDPR provisions
  • Iceland shows how an EEA country steers parallel to the EU
  • South Korea faces GDPR hurdles
  • Belgian DPA publishes guidance on DPOs and internal records
  • Think tank says DPAs should fine only seriously negligent conduct
  • CNIL publishes processor guidance
  • EU DPAs issue GDPR guidance
  • Human Rights court rules to limit monitoring of employee emails
  • Luxembourg issues GDPR Bill
  • UK ICO welcomes draft DP Bill
  • Hungary moves on with the GDPR
  • Uber settles with US FTC
  • Guidance on driverless vehicles
  • EU to tackle data localisation
  • Canada’s DPA to step up enforcement
  • Call records ruling in Portugal


Publisher's Cover Note

PL&B takes pride in our excellent working relationship with DPAs around the world

Three of our Privacy Laws & Business Reports editorial team (Laura Linkomies, Editor; Professor Graham Greenleaf, Asia-Pacific Editor; and Merrill Dresner, Assistant Editor) and many of our correspondents joined me in Hong Kong for last month’s 39th International Conference of Data Protection and Privacy Commissioners. Graham Greenleaf moderated the session on West meets East with speakers from France, Mexico, the USA and China. As sole Media Partner for the conference, we at Privacy Laws & Business were pleased to promote this event around the world helping result in the best attended conference in this series.

We have reported on some of the main conference themes in the October edition of Privacy Laws & Business International Report including DPAs’ fines, European data privacy standards outside Europe, and several subjects from the Asia Privacy Scholars Network Conference sponsored by PL&B.

It was a perfect opportunity for us to meet subscribers to PL&B International Reports, previous and potential PL&B Annual International Conference speakers, and many Data Protection Authorities. It is in such informal discussions, for example with Commissioners from South Africa’s Information Regulator, which create the links which sustains PL&B’s in-depth coverage of 121 countries with privacy laws and many more planning such laws.

A side event which I attended gave a positive slant on Cross Border Privacy Rules (CBPR). It showed that not only the US but also Japan’s Personal Information Protection Commission is supporting this initiative with companies being assessed by the Japan Information Processing and Development Centre (JIPDEC). Only one Japanese company has been approved so far as meeting the CBPR standard. But the organisation is ready to process more CBPR applications, as it already has a national certification scheme in operation with thousands of Japanese companies approved.

Discussions and interviews outside the conference sessions and side events

As always, discussions and interviews outside the conference sessions and side events provided valuable insights which we will cover in our December edition, for example, with Chaeho Rheem, Standing Commissioner, Personal Information Protection Commission, on the use of mediation in Korea.

After the conference, Merrill and I visited the Privacy Commissioner for Personal Data, Hong Kong for an interview with Commissioner Stephen Kai-yi Wong and Deputy Commissioner, Fanny Wong. Stephen Wong had said at the conference that “meeting the legal requirements of compliance and accountability to recognise the intrinsic values of data privacy rights would be improved by the ethical approach including a fair and ethical use or processing of data. Data users need to add value beyond just complying with the regulations. Perhaps it is high time we developed an equitable data privacy right for all stakeholders.” I have invited him to expand on this concept. We discussed with Fanny Wong and Daniel Chin-wah Leung, Head of Communications and Education, their conciliation work in the absence of enforcement orders.

Our visit to Macau’s Office for Personal Data Protection provided fascinating insights into its work not only in this Special Administrative Region famous for its casinos, but also its surprisingly influential role in privacy law policy making in the People’s Republic of China, always described during our visit as “Mainland China.”

More on all of these subjects in our December edition.

Stewart Dresner