Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
Privacy News (September 1, 2007)
The Information Commissioner's Office (ICO) is launching a consultation on its new Data Protection Strategy, which sets out how the ICO intends to achieve its task of minimizing data protection risk. The strategy is concerned with maximizing the ICO's long-term effectiveness in bringing about good practice. It explains how the ICO will focus its data protection resources where there is the greatest risk of harm through improper use of personal information.
Ask the Privacy Expert (September 1, 2007)
Internal investigations have become an integral part of managing an organization as employers confront an increasingly wide range of employee misconduct. Because investigators often surreptitiously collect information which the target considers private and the results of which can ruin a career, internal investigations can expose an employer to civil, and even criminal, liability as well as bad publicity. What are some of the steps which can be taken to reduce an organization's exposure?
Notes From the Executive Director (September 1, 2007)
While the U.S. Congress has yet to take action this year to adopt a California-style security breach notification law, the state's ground-breaking statute is making a significant global impact as the UK, Australia, New Zealand and Canada mull notification mandates similar to SB-1386.
New Liability Under State Law Stresses Need for Strong Data Security for Payment Card Data (September 1, 2007)
Merchants striving to comply with the Payment Card Industry Data Security Standards (PCI DSS) now have additional reason to focus on the security of payment card data. In late May, Minnesota became the first state to hold merchants strictly liable for costs incurred by financial institutions who assist consumers following the discovery of a security breach.
Global Privacy Dispatches (September 1, 2007)
Biometric data of foreigners entering Australia will be stored in a central repository for identification, verification and cross-checking by departments of the Australia Government. The Department of Immigration and Citizenship (DIAC) is expected to provide a single source of identification for all DIAC clients. The 3-year management strategy is covered under the Migration Legislation Amendment (Identification and Authentication) Act of 2004 and will employ facial, iris scanning and fingerprinting for foreigners entering Australia. DIAC reports that identify fraud cost Australia about $1 billion per year.
National Research Council Report Discusses Possible Future of Privacy Regulation in the U.S. (September 1, 2007)
The prestigious National Research Council (NRC) recently issued a comprehensive report on privacy and technology in the digital age. In addition to providing a very thoughtful and detailed overview of privacy, the report outlines the need for a national privacy commissioner or standing privacy commission to provide ongoing and periodic assessments of privacy developments.
¡Viva La Privacidad! (September 1, 2007)
With so much data privacy activity focused on the United States, the European Union (EU) and Asia, it's easy to overlook our neighbors to the south — Latin America. Ironically, the region has some of the most unique and diverse privacy laws in the world, along with a growing need for more.
Electronically Stored Information in Litigation (September 1, 2007)
During the past two decades, privacy professionals have witnessed technological changes in the way business records are created, maintained and regulated, requiring adaptations to their privacy management practices. During that time, parties to litigation and the courts have wrestled with the issues surrounding electronic documents.
VIEWPOINT: The Healthcare Privacy Debate Heats Up (September 1, 2007)
While Congress and many others continue to discuss the appropriateness of the current enforcement approach to healthcare privacy, a broader debate is developing as to whether the existing privacy rules are reasonable and effective in today's evolving healthcare information environment. Several key recent developments are making this debate more interesting and more active — leading to the realistic possibility that we may see new privacy rules for the healthcare industry (and the many others who use healthcare information) in the near future.
IAPP in the News (September 1, 2007)
One of the world's preeminent futurists, Paul Saffo, author and information architect, Alex Wright, and Scott Charney, Corporate Vice President of Microsoft's Trustworthy Computing Group, will deliver keynotes at the IAPP Privacy Academy 2007, Oct. 22-24, in San Francisco.
KnowledgeNet (September 1, 2007)
Don Gemberling, the former Director of the Information Policy Analysis, Division of the State of Minnesota Department of Administration, made a presentation to the Twin Cities KnowledgeNet on July 18 at the Ernst & Young offices in Minneapolis. Before his retirement in 2005, Gemberling was often introduced as the "world's oldest living privacy bureaucrat" because of his work with the development and administration of the Minnesota Government Data Practices Act, the nation's first combined fair information practices and freedom of information statute.