Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
Implementing the APEC Privacy Framework: A New Approach (December 1, 2005)
The Asia-Pacific Economic Cooperation forum comprises 21 economies around the Pacific Ocean, including very significant economies such as the United States, Canada, China, Japan, South Korea, Australia and others. APEC Ministers have endorsed an APEC Privacy Framework.The Framework is a different document from the EU Privacy Directive.
IAPP Participates as Education Sponsor of Infosecurity New York (December 1, 2005)
IAPP leadership, staff and members attended Infosecurity New York in December. The event attracted many hundreds of security and privacy professionals attendees to the Jacob K. Javits Convention Center in New York City. Now in its fifth year, the conference consisted of more than eighty tracks on the top security topics, including emerging threats, compliance, wireless security and privacy. The IAPP hosted nine track sessions on timely issues of identity theft legislation, the privacy implications of data breaches, privacy and national security and online privacy issues such as spam and spyware.
New IAPP Faces (December 1, 2005)
The IAPP is fortunate to have Margie Lesage come aboard after this New England native moved from the mountains of New Hampshire to the Maine Coast.
"It was a longtime dream to live in York," said Margie, who became the IAPP's Office Manager in October when Jen Chapman moved into a new position as Registrar. Margie set sail for the coast after a 10-year career with Sport Graphics in West Boylston, Mass., a sports photography company that specializes in regattas.
Notes from the Executive Director (December 1, 2005)
As 2005 draws to a close, we will remember this year for the multitude of data breaches because they have led to dramatic enlightenment about the privacy pro's core mission and critical importance in the marketplace — here and internationally as well. With more than 80 data breaches this year, some U.S. lawmakers and regulators have been clamoring for bills to give consumers some protection from the escalating incidents. More than a dozen bills have been introduced in Congress this year and 32 state legislatures have proposed legislation to help protect consumers.
Acxiom Strengthens Its Privacy Leadership (December 1, 2005)
Acxiom® Corp. has made several significant leadership appointments as part of its continuing efforts to protect data privacy and security. The company's Chief Privacy Officer Jennifer Barrett has been named Global Privacy Officer. Sheila Colclasure, business leader for privacy practices and solutions, will assume the role of privacy officer for North and South America. Barbara Sullivan, privacy leader for Australia and New Zealand, has been named chief privacy officer for Asia.
Business Risk Related to Providing Notice (December 1, 2005)
Read the questions corporate Canada has to ask on the business risk related to providing notice. Questions include: "What are the risks associated with providing notice to our customers that we transfer their personal information to the U.S.?" "Do we really want to explain to Canadians, or to the media, that their personal information is accessible by U.S. law authorities?"
Guardium, Inc. Joins Data Governance Council Formed By IBM (December 1, 2005)
Guardium, Inc., a leading provider of database security, audit and compliance solutions, has joined the Data Governance Council, a group formed by IBM along with dozens of leading corporations, institutions and technology solution providers. The Council is working to redefine the management of data governance policy, the impact of policy on business processes and practices, and the enforcement of IT infrastructure, information management and organizational behavior. Council members are collaborating on ways to address these issues using IBM and business partner solutions and concepts.
Business Survey Results At A Glance (December 1, 2005)
During an Internal Governance Session in the Second Seminar, an informal survey of a limited number of businesses found that.
Close Up On… States Gearing Up for 2006 Sessions (December 1, 2005)
Lawmakers have begun to pre-file legislation on a myriad of issues in preparation of the 2006 legislative season during which 44 states are scheduled to meet. The 2006 season will begin January 2 when the opening gavel falls in Ohio. All but six states begin their deliberations in January and North Carolina is the final state scheduled to convene with a session set to start May 9.
World Economic Forum Selects Voltage Security as 2006 Technology Pioneer (December 1, 2005)
The World Economic Forum has selected Voltage Security, Inc. as a technology Pioneer for 2006 based on its award-winning technology, Voltage IBE. The Identity-Based Encryption, which greatly simplifies the protection of information, whether it is on servers, laptops or in transit via email, is a public key cryptography system that uses common identities as public keys, eliminating the need for certificates, Certificate Revocation Lists and other costly infrastructure.
Congratulations to our Graduates! (December 1, 2005)
Congratulations to our Graduates! See the list of IAPP recent graduates of the Certified Information Privacy Professional (CIPP) and Certified Information Privacy Professional/Government (CIPP/G) credentialing programs.
Consumers Still Don't Trust the Internet (December 1, 2005)
It just keeps coming, doesn't it? Consumers increasingly are voicing their concerns about online commerce and marketing, and every month or two brings more data about how they are responding to security and privacy concerns. Recently, Consumer Reports WebWatch brought out a new study, "Leap of Faith:Using the Internet Despite the Dangers." The title is ominous enough — and the report upholds some earlier pessimistic observations about Internet behavior.
Ernst & Young's Global Information Security Survey 2005 Reveals Compliance Concerns Top Tactical Threats (December 1, 2005)
Ernst & Young (E&Y) has conducted its eighth annual Global Information Security Survey (GISS) to uncover the security and privacy vulnerabilities in companies, including phishing, identity theft, SQL injections and basic social engineering. The survey uncovered a gap that continues to widen between the operational capabilities and compliance risks facing companies, and sought to understand the current actions taken by their information security organizations. This is the first year that we have seen compliance concerns trump the more tactical threats, such as viruses, worms and vulnerability management.