Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
Global Privacy Dispatches- Canada- Handling Complaints (February 1, 2008)
The Federal Privacy Commissioner in a letter dated January 15, 2008 to Industry Canada responded to its consultations regarding the review of the Personal Information Protection and Elec-tronic Documents Act (PIPEDA) expressing the desire to be able to take a more proactive approach to addressing key and systemic issues through research, public education, and Commissioner initiated complaints and audits. Ongoing lengthy delays in the handling of complaints are stated to consume resources and frustrate efforts to shift focus and deal with major privacy threats resulting from rapidly advancing information technologies affecting society as a whole.
2008 Presidential Candidates Present Contrasts on Privacy (February 1, 2008)
Facebook and Truste (February 1, 2008)
Stollenwerk v. Tri-West Health: Rise of the Phoenix? (February 1, 2008)
One of the biggest obstacles for consumer plaintiffs in personal data breach lawsuits has been establishing the “damages” element of a negligence claim, but a landmark case against establishing damages, ironically, could give plaintiff’s attorneys added ammunition. David Navetta examines the case of Stollenwerk v. Tri-West health in this article.
Information Security Survey (February 1, 2008)
The results of Ernst & Young’s 2007 Global Information Security Survey show privacy as an increasingly important driver of corporate information security practices.
Q&A with Summit Keynote Speaker Jeffrey Rosen (February 1, 2008)
In this Privacy Advisor Q&A, Jeffrey Rosen, professor of law at George Washington University, talks about the role of the Supreme Court in the evolution of U.S. privacy law and discusses the issues that will likely frame the legal debate over privacy in the coming years.
Global Privacy Dispatches- UK- Barclays Chairman Identity Fraud (February 1, 2008)
The chairman of Barclays Bank has become a victim of identity fraud after a con man stole £10,000 from his personal account in a credit card scam. Marcus Agius, who took over as Barclays chairman last year, lost the money after a fraudster convinced a call centre worker to issue a credit card in his name.
Global Privacy Dispatches- UK- Protection of Private Data (February 1, 2008)
The Justice Committee of the House of Commons has issued a report titled Protection of Private Data. The report is the result of an inquiry prompted by the November 2007 loss by Revenue and Customs of two CDs containing personal and banking information belonging to all child benefit claimants. The Committee took evidence from Information Commissioner Richard Thomas and David Smith, his deputy, about the case and the issue of protection of personal data held by the government and other agencies.
Global Privacy Dispatches- UK- Carphone Warehouse (February 1, 2008)
The Information Commissioner's Office (ICO) has taken enforcement action against Carphone Warehouse, and its sister company TalkTalk, for breaches of the UK Data Protection Act. The enforcement action followed an investigation into several complaints concerning the way in which both organisations processed and stored personal information.
Global Privacy Dispatches- Italy- Acceptance of BCR's (February 1, 2008)
Recently, Italy made some changes regarding data export to countries that do not offer adequate protection according to EU standards. On 6 December 2007, the Italian Data Protection Authority (Garante per la protezione dei dati personali) issued a press release announcing that it had officially requested that the Italian Parliament modify the section of the Italian Data Protection Code that referred to the export of data to third countries.
Global Privacy Dispatches- Israel- Communication Data (February 1, 2008)
Law enforcement agencies in Israel have been granted broad access to information held by telecommunication service providers, under legislation aimed at regulating communication data transfer during the course of criminal investigations.
Global Privacy Dispatches- EU- Passenger Name Records (February 1, 2008)
Passenger Name Records (PNR) have proven to be a critical tool to help the Department of Homeland Security (DHS) identify lethal enemies — including those previously unknown — from among the numerous travelers who arrive from overseas. In its agreement from June of 2007, DHS sought to ensure its continued access to this useful information while at the same time safeguarding the privacy of the traveling public. Recently, the EU Parliament (EUP) Legal Services has issued a legal opinion on the 2007 Agreement, at the request of the President of the EUP Commission on Civil Liberties, Justice and Internal Affairs (LIBE).
Personal Health Records (February 1, 2008)
The Health Privacy Project, the California HealthCare Foundation, and a group of corporate leaders recently released Best Practices for Employers Offering Personal Health Records (PHRs). The 10 Best Practices are designed to address companies' concerns about consumer anxiety and regulatory uncertainty.
RFID and Privacy (February 1, 2008)
Ontario Information and Privacy Commissioner Ann Cavoukian, Ph.D., in collaboration with Hewlett Packard (HP) Canada, have released a joint whitepaper, RFID and Privacy: Guidance for Health-Care Providers, which is aimed at cutting through the uncertainty over the potential application of Radio Frequency Identification (RFID) technology in the health sector and the privacy implications of its uses.
Compuware and Ponemon Survey (February 1, 2008)
A survey conducted by Compuware Corporation and the Ponemon Institute showed an overwhelming majority of organizations surveyed risk compromising critical information by using actual customer data for the development and testing of applications.
IAPP in the News (February 1, 2008)
Ross Kerber, a reporter following the TJX data breach story for the The Boston Globe, recently interviewed IAPP Executive Director J. Trevor Hughes. The article focused on TJX's move to create a number of privacy roles to help it contend with privacy issues in the future.
Notes from the Executive Director (February 1, 2008)
It seems like it was just last week that I was shaking hands and greeting the nearly 1,000 privacy professionals who gathered in San Francisco for the Privacy Academy 2007, and here we are, together again, for what is widely regarded as the "must attend"event of the year on the privacy calendar — the IAPP Privacy Summit 2008.
IAPP Privacy Summit 2008 Keynotes Feature Supreme Court Experts, Global Thought Leaders (February 1, 2008)
As excitement builds in Washington over the impact of the 2008 presidential election, the IAPP Privacy Summit 2008 will capture the momentum with analysis and discussion about legislative trends and likely developments in privacy in the coming year. In an enduring commitment to provide attendees with programming focused on global privacy, the IAPP Privacy Summit 2008 also will present sessions on the latest global privacy issues.