Privacy Advisor

Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.

Global Privacy Dispatches

POLAND—DPA vs. Google on the Information Security Administrator
The Supreme Administrative Court, in its judgment of 21 February, supported the position adopted by the Polish Data Protection Authority (DPA) in its decision issued towards Google, Inc. Read More
UK—ICO Issues 50,000 GBP Fine for Unsolicited Calls
The Information Commissioner’s Office has fined home improvement company Amber Windows 50,000 GBP after an investigation discovered they had made unsolicited marketing calls to individuals who had registered with the Telephone Preference Service. Read More
UK—ICO Publishes Plans for 2014-17
The UK Information Commissioner’s Office has published its three-year corporate plan, setting out how it intends to address and tackle the challenges it faces in information regulation. Read More
UK—Disclosure and Barring Service Warned After Collecting Unnecessary Sensitive Data
The UK Information Commissioner’s Office has ruled that the Disclosure and Barring Service breached the Data Protection Act after failing to stop the collection of information about convictions that were no longer required for employment checks. Read More
FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act. Read More
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list. Read More
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing. Read More
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls. Read More
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker. Read More
Notes From the Executive Director (August 1, 2007)
As summer draws to a close, IAPP staffers are busy making plans to provide all of our members top-notch opportunities to network, educate and certify during the second half of 2007 and beyond. From the time-tested results of the IAPP's annual anchor events — the Privacy Summit and Academy — to new events we are adding to our lineup, we are working eagerly to offer the tools you need to better serve your companies and customers.
Privacy News (August 1, 2007)
Information and Privacy Commissioner of Ontario Ann Cavoukian, Ph.D., and Alex Stoianov, Ph.D., an internationally recognized biometrics scientist, have published a joint research paper, Biometric Encryption: A Positive Sum Technology That Achieves Strong Authentication, Security AND Privacy.
IAPP in the News (August 1, 2007)
A recent Computer- world UK writer covered a Commons Home Affairs Committee hearing focused on the "surveillance society" at which IAPP member Randal Gainer, Partner, Davis Wright Tremaine LLP and J. Trevor Hughes, CIPP, Executive Director of the IAPP, gave testimony and took questions during the IAPP Delegate Tour to Europe in June.
Ask the Privacy Expert (August 1, 2007)
How does the recent Article 29 Working Party Opinion on the meaning of "personal data" affect our understanding of the scope of the European Data Protection Directive?
Valuable Insights Make IAPP's New Practical Privacy Series a Success (August 1, 2007)
More than 150 privacy professionals gathered in New York City June 27-28 for the IAPP's first-ever 2-day Practical Privacy Series. The series covered cutting-edge topics on security breach notice, risk mitigation and crisis management. The conference also included sessions on Financial and Health industry concerns.
Global Privacy Dispatches (August 1, 2007)
The second technical seminar was held in Cairns, Australia on June 25-26. Approximately 11 economies were represented by some 100 delegates who attended.
Use ISO 17799 to Improve Security and Minimize Risks (August 1, 2007)
Most organizations are dependent upon their information and business systems, leaving them exposed to critical loss in the aftermath of a security breach. Fortunately, by implementing an information security management system (ISMS), as outlined in the only internationally accepted standard/code to address information security, a business can significantly reduce the risk of a security breach.
PERSPECTIVE: Growing U.S.-EU Privacy Clashes: Time for a New Cross-Border Solution? (August 1, 2007)
In the past two years, the U.S. and the EU have found themselves at odds on at least six different types of EU personal data transfers to the U.S. Europeans generally have viewed these transfers as disproportionate for the intended purposes, violating the very sense of privacy.