Privacy Advisor

Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.

Global Privacy Dispatches

FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act. Read More
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list. Read More
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing. Read More
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls. Read More
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker. Read More
UK—ICO Publishes Updated PIA Guidance
The UK Information Commissioner's Office has published its updated Privacy Impact Assessment (PIA) Code of Practice to help organisations comply with their data protection law obligations when they change the way that they use personal data. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.

Read More
ITALY—Garante’s Provision on Mobile Payment Services
On December 12, 2013, the Italian Data Protection Authority (Garante) issued a draft general provision on the processing of personal data in the context of mobile remote payment services. This new provision sets the rules for the processing of information about users who purchase digital services and products and pay for them remotely via their phone bills. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions. Read More
Notes From the Executive Director (August 1, 2007)
As summer draws to a close, IAPP staffers are busy making plans to provide all of our members top-notch opportunities to network, educate and certify during the second half of 2007 and beyond. From the time-tested results of the IAPP's annual anchor events — the Privacy Summit and Academy — to new events we are adding to our lineup, we are working eagerly to offer the tools you need to better serve your companies and customers.
Privacy News (August 1, 2007)
Information and Privacy Commissioner of Ontario Ann Cavoukian, Ph.D., and Alex Stoianov, Ph.D., an internationally recognized biometrics scientist, have published a joint research paper, Biometric Encryption: A Positive Sum Technology That Achieves Strong Authentication, Security AND Privacy.
IAPP in the News (August 1, 2007)
A recent Computer- world UK writer covered a Commons Home Affairs Committee hearing focused on the "surveillance society" at which IAPP member Randal Gainer, Partner, Davis Wright Tremaine LLP and J. Trevor Hughes, CIPP, Executive Director of the IAPP, gave testimony and took questions during the IAPP Delegate Tour to Europe in June.
Ask the Privacy Expert (August 1, 2007)
How does the recent Article 29 Working Party Opinion on the meaning of "personal data" affect our understanding of the scope of the European Data Protection Directive?
Valuable Insights Make IAPP's New Practical Privacy Series a Success (August 1, 2007)
More than 150 privacy professionals gathered in New York City June 27-28 for the IAPP's first-ever 2-day Practical Privacy Series. The series covered cutting-edge topics on security breach notice, risk mitigation and crisis management. The conference also included sessions on Financial and Health industry concerns.
Global Privacy Dispatches (August 1, 2007)
The second technical seminar was held in Cairns, Australia on June 25-26. Approximately 11 economies were represented by some 100 delegates who attended.
Use ISO 17799 to Improve Security and Minimize Risks (August 1, 2007)
Most organizations are dependent upon their information and business systems, leaving them exposed to critical loss in the aftermath of a security breach. Fortunately, by implementing an information security management system (ISMS), as outlined in the only internationally accepted standard/code to address information security, a business can significantly reduce the risk of a security breach.
PERSPECTIVE: Growing U.S.-EU Privacy Clashes: Time for a New Cross-Border Solution? (August 1, 2007)
In the past two years, the U.S. and the EU have found themselves at odds on at least six different types of EU personal data transfers to the U.S. Europeans generally have viewed these transfers as disproportionate for the intended purposes, violating the very sense of privacy.