Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
Nymity's Short Notice Guide - Privacy Fact Statements (September 1, 2006)
A short notice is a summary of an organization's privacy policies and procedures that is made available to consumers. Short notices are usually used when there are physical limitations to providing full notice, for example in coupons, marketing forms, surveys or customer mailers; to provide clarity to a consumer with a summary of the key elements in a readily available full notice (recommended); or when an organization chooses not to be transparent about its privacy policies and procedures and instead provides the minimal information believed to be required (not recommended).
Q&A: Ask the Privacy Expert - ListServs Serve Up Solutions (September 1, 2006)
Kudos to those who are taking advantage of the IAPP's Working Group ListServs! With a focus on addressing challenges in distinct industry sectors, The Privacy Advisor will now share informative Working Group Questions and Answers to benefit the broader membership.
The Puck Drops Next Month On Privacy for the IAPP's Academy in Toronto (September 1, 2006)
Interest in the IAPP Privacy Academy 2006 continues to build impressively for the first conference the IAPP has ever hosted outside the U.S. At the current pace of registrations, we expect the Toronto Academy to surpass the attendance of any IAPP conference to date.
An Interview with the Experts on the Cost of Ensuring Security of Data (September 1, 2006)
Featuring: Avivah Litan, Vice President and distinguished analyst at Gartner Group, with a fifteen-year professional background at the World Bank as a senior manager. She was a consultant for two years at Booz, Allen Hamilton and also spent a year as a systems analyst at Sperry Univac; she also has 26 years of experience in the IT industry, specifically in security and privacy issues.
Web Watch - Potential Privacy and Security Issues in Outsourcing Web Application Development (September 1, 2006)
As IT budgets continue to be squeezed and organizations struggle to find new ways to grow and innovate, outsourcing moves higher on the CIO's "to do" list. The privacy and security implication of outsourcing relationships is a growing concern for many organizations. Most of this discussion on this topic has focused on the transfer and handling of personal data but one area that has not been well-documented is Web application development. Gartner Inc. cites 75 percent of all attacks on information security are directed at the application level.
American Health Information Community Announces New Work Group (September 1, 2006)
AHIC, a federal advisory panel created by the U.S. Department of Health and Human Services Secretary Mike Leavitt, now divides its research activities between five work groups. The newly formed Confidentiality, Privacy and Security Work Group will focus its efforts on advancing a nationwide network of health information technology.
Showcasing the CPO (September 1, 2006)
When interviewing Harriet Pearson, IBM's Chief Privacy Officer and IAPP Board Member, reporter Elizabeth Agnvall made it clear "it would be difficult to describe Harriet Pearson's job as dull."
Sometimes the Tail Has to Wag the Dog (September 1, 2006)
Vendors that provide Internet technology products or services sometimes find themselves in the strange position of suggesting that changes be made in their clients' Web site privacy policies. As Privacy Compliance Officer for a company that has, over the years, offered ad-serving, volume email delivery, Web site analytics and search technologies, among other services, I have had to explain to our clients why our contracts require them to disclose in their privacy policies their use of our technologies.
The German Data Protection Implications of International Group-Wide HR Databases (September 1, 2006)
Many German companies intend to introduce, or already have in place, IT-based systems for administrating their employee relationships. Apart from the storage of the employee's basic data (i.e., name, address etc.), such databases often serve further purposes, such as the recording of the employee's work hours and reviews of their performance. In groups of companies, these databases are mostly centralized.
Notes from the Executive Director (September 1, 2006)
By now, most of you have likely heard the news that one of the pioneers of privacy, Alan F. Westin, has decided to cease the operations of Privacy & American Business (P&AB). ... The IAPP recognized Dr. Westin's contributions to the field of privacy over his entire career with the 2005 Privacy Leadership Award.