Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
POLAND—DPA vs. Google on the Information Security Administrator
The Supreme Administrative Court, in its judgment of 21 February, supported the position adopted by the Polish Data Protection Authority (DPA) in its decision issued towards Google, Inc.
UK—ICO Issues 50,000 GBP Fine for Unsolicited Calls
The Information Commissioner’s Office has fined home improvement company Amber Windows 50,000 GBP after an investigation discovered they had made unsolicited marketing calls to individuals who had registered with the Telephone Preference Service.
UK—ICO Publishes Plans for 2014-17
The UK Information Commissioner’s Office has published its three-year corporate plan, setting out how it intends to address and tackle the challenges it faces in information regulation.
UK—Disclosure and Barring Service Warned After Collecting Unnecessary Sensitive Data
The UK Information Commissioner’s Office has ruled that the Disclosure and Barring Service breached the Data Protection Act after failing to stop the collection of information about convictions that were no longer required for employment checks.
FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act.
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list.
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing.
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls.
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker.
Toward a More Secure Information Society: The European Commission's Latest Views (August 1, 2006)
In a recent communication titled, "A Strategy for a Secure Information Society - Dialogue, Partnership and Empowerment" (COM(2006)251), the European Commission underscores the importance of continuous cooperation among different stakeholders to improve and information security (NIS). This communication is mainly aimed at "updating" the Commission's previous strategy - which dates from 2001 - in light of the newest security challenges that the Information Society is facing today.
Notes from the Executive Director (August 1, 2006)
Soon after the story broke that AOL had inadvertently released search data for research purposes, it was clear that there would be swift and certain consequences.
Close-Up On Recent State Action: States Continue To Pass Security Breach Notification Laws (August 1, 2006)
Internet bills were drastically amended in California; the Florida Legislature presented a bill to create criminal penalties for sending false or misleading electronic mail; New Hampshire and Hawaii passed bills related to sending notices for security breaches; New York passed the Anti-Phishing Act of 2006 and the Modem Hijacking Deterrence Act; Louisiana passed a bill to make fraudulent use of another's personal identifying information illegal and is considering a spyware bill; industry is concerned about broad language in New Jersey's spyware bill.
Microsoft Case Study (August 1, 2006)
"Microsoft has been a leader and active participant in the 'layered' privacy notice initiative, with MSN being one of the first sites to adopt this approach. We believe that the layered privacy notice represents a significant step forward in the area of privacy disclosures and will make it much easier for users to understand a company's privacy practices and to make informed decisions.
Knowledgenet - "Salsa and Sushi" for Breakfast at Ernst & Young's Ft. Lauderdale Office (August 1, 2006)
Peggy Eisenhauer, CIPP, and the founder of Privacy & Information Management Services - Margaret P. Eisenhauer, P.C., inaugurated the first Florida KnowledgeNet on July 19th with a presentation titled, "Salsa and Sushi." Eisenhauer's presentation addressed the current state of privacy in Mexico, Central and Latin America and the APEC (Asian Pacific Economic Cooperation) countries.
Congratulations, Certified Professionals! (August 1, 2006)
The following individuals successfully passed the CIPP and CIPP/G examinations this summer. Please join IAPP in saluting our newest graduates in an ever-growing class of IAPP certified professionals!
HP/IAPP Privacy Innovation Awards (August 1, 2006)
The IAPP, in conjunction with award sponsor HP, have announced a call for entries for the 2006 Privacy Innovation Award.
D.C. KnowledgeNet Generates Coverage (August 1, 2006)
A reporter with the National Journal's Tech Daily joined privacy pros in late July for a networking session, "RFID Technology and Privacy Best Practices for Its Deployment."
New DHS Privacy Chief Vows to Sit for CIPP Exam (August 1, 2006)
Hugo Teufel, the new DHS Chief Privacy Officer, told a GovExec.com reporter that he planned to sit for the CIPP test. The reporter, Daniel Pulliam, noted in his article that a CIPP credential is a "certification demonstrating the mastery of a standard body of knowledge relating to privacy law."
Privacy Commissioner of Canada Awards $388,319 for Research on Privacy Issues (August 1, 2006)
The Privacy Commissioner of Canada, Jennifer Stoddart, announced that 11 organizations will be awarded a total of $388,319 through her Office's Contributions Program for research into emerging privacy issues, including surveillance technologies, privacy policies aimed at children and the use of DNA in the criminal justice system.
Ontario's Privacy Chief Issues RFID Privacy Guidelines (August 1, 2006)
Dr. Ann Cavoukian, Ontario's Information and Privacy Commissioner, this summer issued a report, "Privacy Guidelines for RFID Information Systems," intended to serve as privacy "best practices" for organizations designing and operating Radio Frequency Identification (RFID) information technologies and systems.
DHS Secretary Appoints New CPO (August 1, 2006)
Homeland Security Secretary Michael Chertoff has appointed Hugo Teufel III as the Chief Privacy Officer of the Department of Homeland Security (DHS).