Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
HIPAA Rules (July 1, 2008)
The Healthcare Information and Management Systems Society (HIMSS) surveyed more than 500 health IT professionals in May to find out whether they feel HIPAA privacy and security rules are strong enough. The results? Fifty-four percent said they believe the rules are strong enough, while 34 percent of respondents said they believe they were not strong enough.
Kaiser Permanente Study (July 1, 2008)
More than half the respondents in a Kaiser Permanente study conducted in May feel that the nation's next president should make healthcare IT a big focus. Fifty-one percent of those surveyed said the next president should ensure that Americans have electronic access to their medical records.
Christopher Millard (July 1, 2008)
Christopher Millard has joined Queen Mary College, University of London, as the chair of privacy and information law at the School of Law. Millard has been teaching at the school since 1986, but this fall will begin his role as a full-time professor.
Global Privacy Dispatches- UK- Data Minimisation (July 1, 2008)
The Home Affairs Committee of the UK Parliament has requested the government "adopt a principle of data minimisation" in the information it collects and holds on citizens. This means that the government should collect only what is essential, store it only for as long as is necessary and "resist a tendency to collect more personal information and establish larger databases."
Global Privacy Dispatches- Netherlands- License Plate Recognition System (July 1, 2008)
In an effort to combat organized crime, the police department of the municipality of Zwolle has recently started using an automatic license plate recognition system. The system reads and stores the license plate numbers of all vehicles driving on highways in and around Zwolle and matches the license plate numbers against a database of license plates of organized crime suspects.
Global Privacy Dispatches- Israel- Employee Privacy (July 1, 2008)
Northern Israel's Nazareth District Labor Tribunal recently granted a plaintiff-employee's motion to suppress a number of email messages that were submitted with the defendant-employer's affidavit. The employee claimed that the employer obtained the messages by accessing the employee's work electronic mailbox without the employee's consent, thus violating his right to privacy.
Global Privacy Dispatches- Israel- New Anti Spam Law (July 1, 2008)
On May 27 the Israeli parliament enacted an amendment to the Communication Law that addresses the issue of unsolicited messages through electronic communication. While following the European 'opt-in' approach, the new anti-spam law also adopts principles and guidelines from American and Australian anti-spam acts.
Global Privacy Dispatches- France- CNIL Annual Report (July 1, 2008)
In 2007, the number of complaints received by the CNIL increased by 25 percent to 4,455. The areas in which most complaints were filed include: credit-banking, direct marketing, employment and telecommunications.
Global Privacy Dispatches- Canada- Annual Report on PIPEDA (July 1, 2008)
On June 3 the Privacy Commissioner of Canada, Jennifer Stoddart, submitted to Parliament her Annual Report on the Personal Information Protection and Electronic Documents Act (PIPEDA). The report provided an overview of the activities of her office for the year 2007, and outlined some key priorities for the coming year.
Student Privacy Comes Into Question (July 1, 2008)
The Belgian Privacy Commission has finally issued its guidelines on the processing of biometric data (Opinion nÂ° 17/2008 of April 9, 2008). The guidelines were published almost five years after the Article 29 Working Party adopted its Working Document on biometrics (WP 80 of August 1, 2003).
Building the Privacy Profession (July 1, 2008)
Do you know of an outstanding student who may be interested in the field of privacy? The IAPP will once again offer conference scholarships for attendance at September's Privacy Academy in Orlando, where recipients can immerse themselves in real-world networking and education alongside privacy professionals and be paired with a professional mentor from KPMG
New Computer Crimes Law (July 1, 2008)
The Argentine Congress enacted a computer crime law. The new law (law n. 26.388) criminalizes the illegal access to a computer system, computer fraud and damages to information and software. In addition, the law creates a new offence related to privacy and data protection law: It is illegal to open, access or publish an email or document without authorization of the sender. Finally, the law makes it a crime to access without authorization a database, to illegally provide personal data to third parties when the law establishes its secrecy and to insert personal data in a database.
HIPAA Hits Five (July 1, 2008)
Annie Lindstrom speaks with CPOs, healthcare officers, and government officials about the Health Insurance Portability and Accountability Act’s (HIPAA) privacy rules on the fifth anniversary of their enactment. New technologies and the entrance of “non-covered entities” into the healthcare marketplace have challenged the rule’s effectiveness. Experts discuss the changing landscape.
The New Healthcare Privacy Debate (July 1, 2008)
Kirk Nahra discusses what he believes are the top questions raised by the rapid development of electronic medical records, personal health records (PHR), and health information exchanges (HIE). Nahra says the health information marketplace is fast outgrowing existing privacy regulations, and that going forward, drafting legislation that allows for the benefits of these new technologies while still protecting legitimate privacy and security interests will be a challenge