Posted in Privacy Law

Opinion

The Global Competition Between Privacy Models

Countries around the world are struggling to decide whether to adopt data protection law based on the proposed EU Data Protection Regulation or to use a U.S. approach to privacy protection. As I observed firsthand during a recent trip to Japan, the result is competition in global data protection policy making, with the European Commission on the one side and the U.S. government on the other side, both lobbying other countries to follow their respective models.

More from Christopher Kuner

Trending

Revenge Porn, Copyrights and Data Ownership: Where Does Our Data Begin and End?

By Jedidiah Bracy, CIPP/US, CIPP/E

There was an interesting article in The Atlantic Monthly this week about revenge porn and copyright law—and I’m hoping some of you out there can help me.

But first, let me step back.

More from Jedidiah Bracy

Opinion

Is A Criminal Statute Necessary To Supplement a Federal Breach Notification Law?

A few weeks ago, Jason Weinstein introduced Privacy Perspectives readers to Sen. Patrick Leahy’s (D-VT) Personal Data Privacy and Security Act of 2014, a bill that would enact a federal security breach notification law. While Weinstein’s position is well taken and should be considered as this bill moves through Congress, I believe that there is another issue that deserves considerable debate. In addition to creating the federal breach notification law, §102 of Leahy’s bill would open the door to criminal liability for anyone who “intentionally and willfully” conceals the fact of a security breach. Adding criminal liability is not to be taken lightly, and it would be wise for the information privacy and security community to think critically about whether the bill’s criminal statute would be a prudent addition.

More from Andrew Proia

Opinion

Do We Need A Constitutional Amendment Restricting Private-Sector Data Collection?

In an editorial in last Sunday’s New York Times (“Madison’s Privacy Blind Spot”), Jeffrey Rosen, a leading privacy scholar and the president and chief executive of the National Constitution Center, proposed “a constitutional amendment to prohibit unreasonable searches and seizures of our persons and electronic effects, whether by the government or by private corporations like Google and AT&T.”

More from Adam Thierer

Opinion

What a 21st Century Privacy Law Could—and Should—Achieve

By Phil Lee, CIPP/E, CIPM

It’s no secret that the EU’s proposed General Data Protection Regulation (GDPR) hangs in the balance. Some have even declared it dead (see here), though, to paraphrase Mark Twain, those reports are somewhat exaggerated. Nevertheless, 2014 will prove a pivotal year for privacy in the European Union: Either we’ll see some variant of the proposed regulation adopted in one form or another, or we’ll be heading back to the drawing board.

More from Phil Lee

Opinion

Can Plaintiffs’ Lawyers Fill the Role of a DPA?

By Jeff Kosseff, CIPP/US

In recent months, authors on this blog have argued about whether the Federal Trade Commission (FTC) or state attorneys general serve as the de facto data protection authority in the U.S.

Both sides are correct.  The FTC and state attorneys general help set the general requirements for privacy and data security, just as DPAs do in Europe.  But another group is playing a role in the shaping of U.S. privacy and not always in a way that benefits society.

More from Jeff Kosseff

Opinion

Legal Reform Is Needed on Both Sides of the Atlantic, Not Just in Europe

I recall that in the 1990s and early 2000s, it was often a struggle to get people outside of Europe to take EU data protection law seriously. The perceived lack of enforcement in the EU, and the dynamic legislative climate in the U.S., meant that more attention was given to U.S. developments.

The situation is now reversed, and there has been intense interest in the European Commission’s proposal for a General Data Protection Regulation published in January 2012, and in related developments such as calls for reform of the EU-U.S. Safe Harbor. U.S.-based lobbyists have descended in hordes on the EU institutions; U.S. government representatives travel to Brussels to lobby the EU, and U.S. authors publish articles and papers on complex issues of EU law. Brussels has become the center of the global privacy world.

This causes us in Europe to wonder: Why doesn’t the U.S. work as hard to improve its own privacy law as it does to lobby for changes in the EU?

More from Christopher Kuner

EU Data Protection

What Next for the EU Regulation?

By Eduardo Ustaran, CIPP/E
Logo for the Council of the European Union

After nearly two years of deliberations, the European Parliament has come out of the legislative closet with its proposed view for a new EU data privacy framework. In many respects, the Parliament has surprised many of its critics by delivering a draft proposal which is more measured than the European Commission’s original text. On the whole, however, the Parliament’s draft represents a powerful statement in favour of people’s ability to control their own data.

More from Eduardo Ustaran