Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
Global Privacy Dispatches- UK- Pension Records Exposed (December 1, 2007)
Unencrypted data on a CD relating to pension information for 15,000 people disappeared on Nov. 9 while in transit from Her Majesty's Revenue and Customs Service and the financial services company Standard Life. The victims have been notified. The exposed personal data includes surnames and initials, as well as National Insurance numbers, birth dates and pension plan numbers.
Global Privacy Dispatches- UK- RFID Monitoring (December 1, 2007)
Ten students at Hungerhill School in Edenthorpe are having their class attendance monitored by RFID chips embedded in their school badge in a pilot program. The program may be expanded if successful. The manufacturer plans to market the product countrywide. The program has drawn some opposition from civil rights groups.
Global Privacy Dispatches- UK- Poor Security Practices (December 1, 2007)
In a recent survey of 1,200 UK workers, 35 percent said that IT security is the responsibility of the individual user when outside the workplace. Eighteen percent said they share their work password with another person; 32 percent share their work PC with a member of their household; 51 percent access company information from home and 33 percent do the same from public hotspots.
Global Privacy Dispatches- UK- Airline Passengers (December 1, 2007)
Under a proposal by the European Commissioner for Freedom, Security and Justice, airlines or computerized reservation systems would send at least 19 pieces of data on each passenger flying in or out of the EU to data-analysis units set by each EU state. All EU members must approve the proposal before it becomes law. The data includes names, credit card information, and telephone numbers.
Global Privacy Dispatches- UK- Student Activity Photos (December 1, 2007)
Just in time to prevent a ba-humbug holiday, the ICO has released guidance dispelling any confusion about whether family and friends may take pictures of children at school activities. Family and friends invited to school activities such as holiday plays may take pictures and videotape such events under the Domestic Purposes exception (section 36 of the Data Protection Act). The act, however, may apply to pictures taken by school officials for building passes and school prospectuses.
Global Privacy Dispatches- UK- Criminal Conviction Records (December 1, 2007)
The ICO has ordered four police forces to delete old criminal convictions from the Police National Computer (PNC). The ICO is concerned that the old conviction information is held contrary to the principles of the Data Protection Act because the information is no longer relevant and is excessive for policing purposes.
Global Privacy Dispatches- UK- Data Protection Act (December 1, 2007)
The Information Commissioner's Office (ICO) has found the Foreign and Commonwealth Office (FCO) in breach of the Data Protection Act following an investigation into the online application facility for UK visas.
IAPP Privacy Academy 2007 (December 1, 2007)
IAPP Privacy Academy 2007 Opens With a Look at Privacy's Past, Present and Future
Privacy in Israel: Current Status and Recent Developments (December 1, 2007)
As of 1992, the right of privacy in Israel maintains a constitutional status. Section 7 of the Human Dignity and Liberty Basic Law 5752 — 1992 (the basic law) provides that all persons have a right to privacy and to intimacy.
Global Privacy Dispatches- Israel- Email Monitoring (December 1, 2007)
Last July, the District Labor Court of Tel-Aviv ruled that an employer must comply with the provisions of the Israeli Wiretap and Protection of Privacy laws, prior to accessing employeeâ€˜s emails.
PERSPECTIVE: Advocate or Adversary: Recruiting's Balancing Act (December 1, 2007)
The myriad issues facing employers working to fill a vacancy and the desires of a prospective employee seeking to find gainful employment rarely match perfectly. At the workplace, budget constraints, personality conflicts, equipment obsolescence, office politics and community shortfalls may give pause to a candidate perfectly suited for an empty position.
Global Privacy Dispatches- Privacy Commissioners Conference (December 1, 2007)
The Privacy Commissioner's Office of Canada hosted the 29th International Conference of Data Protection and Privacy Commissioners in Montreal September 26-28. This international group is composed of national and sub-national representatives, mainly from European and Canadian data protection authorities. Countries such as the U.S. and Japan are permitted to attend as observers.
The Privacy Advisor Interviews Scott Charney of Microsoft (December 1, 2007)
The Privacy Advisor recently interviewed Scott Charney, Corporate Vice President of Microsoft Corp's Trustworthy Computing (TwC) Group about the company's efforts to protect its critical infrastructure, improve its engineering practices, secure its networks, and reach out to the rest of the technology industry on today's most important privacy and security issues.
Lauren Steinfeld (December 1, 2007)
The University of Pennsylvania Office of Audit, Compliance and Privacy announced that it has restructured its leadership in the privacy and compliance functions.
CCTV Privacy Practices (December 1, 2007)
The U.S. Department of Homeland Security Privacy Office has announced that it will hold a public workshop, CCTV: Developing Privacy Best Practices, on December 17-18 at the Hilton Arlington Hotel (Ballston Metro Stop) in Arlington, Virginia.
Global Employee Privacy Law (December 1, 2007)
The Privacy and Data Security Practice Group at Morrison & Foerster, led by practice head Miriam Wugmeister, has authored Employee Privacy: Guide to U.S. and International Law, published in two versions by A S Pratt & Sons and Thompson Publishing.
Global Privacy Dispatches- Argentina- Serradilla v Mendoza (December 1, 2007)
The Supreme Court of Argentina recently ruled that those who facilitate identity theft are liable for losses and emotional distress. In the case, a citizen requested the issuance of a new national identity card (cards which are mandatory in Argentina). The card was lost in the bureaucracy of the federal government and the individual never received it.
VIEWPOINT: RFID Technology for Identity Documents (December 1, 2007)
Neville Pattinson is the Vice President for Government Affairs at Gemalto, Inc. based in Austin, Texas. Pattinson serves as a Board member of the Smart Card Alliance and is Chairman of its Identity Council. He is a founding member of the Secure ID Coalition. Neville presently is serving a 3-year appointment as a Special Government Employee to the Department of Homeland Security's (DHS) "Data Privacy and Integrity Advisory Committee" (DPIAC). As a disclaimer, the article does not reflect the opinion of DHS or the DPIAC Committee.
IAPP in the News (December 1, 2007)
The IAPP has announced that two private sector organizations and one public sector privacy agency are the winners of the HP-IAPP Privacy Innovation Award.