Privacy Advisor

Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.

Global Privacy Dispatches

FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act. Read More
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list. Read More
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing. Read More
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls. Read More
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker. Read More
UK—ICO Publishes Updated PIA Guidance
The UK Information Commissioner's Office has published its updated Privacy Impact Assessment (PIA) Code of Practice to help organisations comply with their data protection law obligations when they change the way that they use personal data. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.

Read More
ITALY—Garante’s Provision on Mobile Payment Services
On December 12, 2013, the Italian Data Protection Authority (Garante) issued a draft general provision on the processing of personal data in the context of mobile remote payment services. This new provision sets the rules for the processing of information about users who purchase digital services and products and pay for them remotely via their phone bills. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions. Read More
Toward a More Secure Information Society: The European Commission's Latest Views (August 1, 2006)
In a recent communication titled, "A Strategy for a Secure Information Society - Dialogue, Partnership and Empowerment" (COM(2006)251), the European Commission underscores the importance of continuous cooperation among different stakeholders to improve and information security (NIS). This communication is mainly aimed at "updating" the Commission's previous strategy - which dates from 2001 - in light of the newest security challenges that the Information Society is facing today.
As Outsourcing Grows in India, Privacy Stakeholders Organize to Launch Public Debate on Privacy Protection (August 1, 2006)
As India becomes a leader in Business Process Outsourcing, increasing amounts of personal information from other countries are flowing into the country. India's outsourcing business is expected to grow to $20 billion and employ about 2 million people by 2008. Questions have been raised about the ability of Indian companies to adequately protect this information.
Notes from the Executive Director (August 1, 2006)
Soon after the story broke that AOL had inadvertently released search data for research purposes, it was clear that there would be swift and certain consequences.
Close-Up On Recent State Action: States Continue To Pass Security Breach Notification Laws (August 1, 2006)
Internet bills were drastically amended in California; the Florida Legislature presented a bill to create criminal penalties for sending false or misleading electronic mail; New Hampshire and Hawaii passed bills related to sending notices for security breaches; New York passed the Anti-Phishing Act of 2006 and the Modem Hijacking Deterrence Act; Louisiana passed a bill to make fraudulent use of another's personal identifying information illegal and is considering a spyware bill; industry is concerned about broad language in New Jersey's spyware bill.
Close-Up On Privacy Notices Workshop at the IAPP Privacy Academy 2006: A Nymity White Paper on the Need for a Transparent Approach to Privacy Policies (August 1, 2006)
The following Nymity White Paper will provide some preliminary background for attendees of the IAPP Privacy Academy 2006 in Toronto who plan to attend the advanced session, "Simplified Privacy Notices Workshop." The privacy notices workshop will be held Thurs., Oct. 19. Terry McQuay, CIPP, President of Toronto-based Nymity, Inc., will moderate the panel, which will discuss the U.S. Government Consumer Research Project to develop privacy notices that are easier for consumers to understand, use and compare.
Microsoft Case Study (August 1, 2006)
"Microsoft has been a leader and active participant in the 'layered' privacy notice initiative, with MSN being one of the first sites to adopt this approach. We believe that the layered privacy notice represents a significant step forward in the area of privacy disclosures and will make it much easier for users to understand a company's privacy practices and to make informed decisions.
Knowledgenet - "Salsa and Sushi" for Breakfast at Ernst & Young's Ft. Lauderdale Office (August 1, 2006)
Peggy Eisenhauer, CIPP, and the founder of Privacy & Information Management Services - Margaret P. Eisenhauer, P.C., inaugurated the first Florida KnowledgeNet on July 19th with a presentation titled, "Salsa and Sushi." Eisenhauer's presentation addressed the current state of privacy in Mexico, Central and Latin America and the APEC (Asian Pacific Economic Cooperation) countries.
Congratulations, Certified Professionals! (August 1, 2006)
The following individuals successfully passed the CIPP and CIPP/G examinations this summer. Please join IAPP in saluting our newest graduates in an ever-growing class of IAPP certified professionals!
HP/IAPP Privacy Innovation Awards (August 1, 2006)
The IAPP, in conjunction with award sponsor HP, have announced a call for entries for the 2006 Privacy Innovation Award.
D.C. KnowledgeNet Generates Coverage (August 1, 2006)
A reporter with the National Journal's Tech Daily joined privacy pros in late July for a networking session, "RFID Technology and Privacy Best Practices for Its Deployment."
New DHS Privacy Chief Vows to Sit for CIPP Exam (August 1, 2006)
Hugo Teufel, the new DHS Chief Privacy Officer, told a reporter that he planned to sit for the CIPP test. The reporter, Daniel Pulliam, noted in his article that a CIPP credential is a "certification demonstrating the mastery of a standard body of knowledge relating to privacy law."
IAPP Privacy Academy 2006 Draws Early Coverage (August 1, 2006)
Excitement is building for the IAPP's conference in Toronto as members heed advice to register early and the events gain media coverage.
Privacy Commissioner of Canada Awards $388,319 for Research on Privacy Issues (August 1, 2006)
The Privacy Commissioner of Canada, Jennifer Stoddart, announced that 11 organizations will be awarded a total of $388,319 through her Office's Contributions Program for research into emerging privacy issues, including surveillance technologies, privacy policies aimed at children and the use of DNA in the criminal justice system.
GE Offers ID Theft Protection as a Benefits Plan (August 1, 2006)
Benefit Solutions by GE, a leading provider of employee benefit options, is offering identity theft protection to help employees guard against the menacing risk of fraud.
Ontario's Privacy Chief Issues RFID Privacy Guidelines (August 1, 2006)
Dr. Ann Cavoukian, Ontario's Information and Privacy Commissioner, this summer issued a report, "Privacy Guidelines for RFID Information Systems," intended to serve as privacy "best practices" for organizations designing and operating Radio Frequency Identification (RFID) information technologies and systems.
Japanese Court Orders Payment of 6,000 Yen to Each Plaintiff in Connection with Yahoo! BB Personal Data Leak (August 1, 2006)
On May 19, 2006, the Osaka District Court issued a decision awarding 6,000 yen (approximately $54) to each of the plaintiffs, a small group of subscribers of the Yahoo!BB broadband Internet service, who sued for compensation for the emotional distress that they suffered in connection with the massive security breach that occurred in early 2004.
DHS Secretary Appoints New CPO (August 1, 2006)
Homeland Security Secretary Michael Chertoff has appointed Hugo Teufel III as the Chief Privacy Officer of the Department of Homeland Security (DHS).
Poll: Canadians Favor Strong Laws to Protect Personal Data (August 1, 2006)
Telephone interviews with 1,020 Canadian adults reveals that respondents want strong laws to protect their personal information in an era when they feel they have less protection than a decade ago.
Berkower Leaves DoubleClick For New EVP Position at Chapell & Associates (August 1, 2006)
Chapell & Associates, the leading strategic consulting firm focusing on privacy, marketing and public policy, is proud to announce that Elise Berkower has joined the firm as the Executive Vice President of Privacy Strategy.