Privacy Advisor

Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.

Global Privacy Dispatches

FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act. Read More
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list. Read More
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing. Read More
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls. Read More
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker. Read More
UK—ICO Publishes Updated PIA Guidance
The UK Information Commissioner's Office has published its updated Privacy Impact Assessment (PIA) Code of Practice to help organisations comply with their data protection law obligations when they change the way that they use personal data. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.

Read More
ITALY—Garante’s Provision on Mobile Payment Services
On December 12, 2013, the Italian Data Protection Authority (Garante) issued a draft general provision on the processing of personal data in the context of mobile remote payment services. This new provision sets the rules for the processing of information about users who purchase digital services and products and pay for them remotely via their phone bills. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions. Read More
The P2P Threat: What Companies Need to Know (November 1, 2007)
Right now, employees and contractors are accessing and disseminating confidential corporate information in ways that may be harmful to their employers. Some employees are acting intentionally or even maliciously; others are compromising proprietary and confidential information inadvertently and ignorantly. In either case, the consequences to employers can be catastrophic.
VIEWPOINT: Data Security Council of India (November 1, 2007)
India currently occupies the leading position in the IT outsourcing and Business Process Outsourcing (BPO) industry. India's total revenue due to IT and BPO outsourcing was US$33 billion, which is estimated to grow to US $60 billion by the year 2010. Increasing amounts of personal information is thus flowing to India from many countries.
The Privacy Advisor Catches Up with Author Alex Wright (November 1, 2007)
The Privacy Advisor interviewed Alex Wright, author of "GLUT: Mastering Information Through the Ages." Wright is a writer and information architect who has led information architecture initiatives for The New York Times, Harvard University, IBM, Microsoft, The Long Now Foundation, Internet Archive, and Yahoo!, among others.
KnowledgeNet (November 1, 2007)
IAPP's second Florida KnowledgeNet gathered recently for a special presentation by Thomas Campbell, Special Agent of the U.S. Secret Service's Cyber Crime Team.
Notes From the Executive Director (November 1, 2007)
Earlier this month, the UK government flatly rejected calls for a security breach notification law — a move that angered the members of the House of Lord Science and Technology Committee. The committee pushed for such a law as part of a comprehensive package of changes it said was necessary to assure the continued success and confidence in the Internet.
IAPP in the News (November 1, 2007)
The IAPP is pleased to announce the appointment of 16 Canadian privacy professionals who will comprise the new Canadian Education Advisory Board.
Privacy News (November 1, 2007)
In the spring of 2007, Professor Dimitrios Hatzinakos, Faculty of Applied Science and Engineering, University of Toronto, joined by colleagues from the faculties of Arts and Science and Information Studies, created a new initiative at the University of Toronto focusing on identity, privacy and security. The Identity, Privacy and Security Initiative (IPSI) was established to carry out a pioneering, interdisciplinary program of research, education, outreach, industry collaboration and technology transfer with emphasis on technology, policy and science.
Global Privacy Dispatches (November 1, 2007)
On Sept. 25, 2007, the Canadian federal privacy commissioner and the Alberta information and privacy commissioner issued a report on the joint investigation into the TJX/WMI breach. The purpose of the investigation was to examine the collection, retention and safeguarding practices of the organization, in order to determine whether the breach could have been prevented.