Privacy Advisor

Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.

Global Privacy Dispatches

FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act. Read More
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list. Read More
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing. Read More
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls. Read More
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker. Read More
UK—ICO Publishes Updated PIA Guidance
The UK Information Commissioner's Office has published its updated Privacy Impact Assessment (PIA) Code of Practice to help organisations comply with their data protection law obligations when they change the way that they use personal data. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.

Read More
ITALY—Garante’s Provision on Mobile Payment Services
On December 12, 2013, the Italian Data Protection Authority (Garante) issued a draft general provision on the processing of personal data in the context of mobile remote payment services. This new provision sets the rules for the processing of information about users who purchase digital services and products and pay for them remotely via their phone bills. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions. Read More
New ICO named (February 1, 2009)
Let's go surfin now (February 1, 2009)
Kill Switch (February 1, 2009)
Breach Insurance (February 1, 2009)
What's in a name (February 1, 2009)
Kuner reviewing EU directive (February 1, 2009)
Privacy in print (February 1, 2009)
What's ahead for privacy and security in 2009? (February 1, 2009)
The new president, a new Congress, and the promise of new legislation will keep privacy and security professionals busy in 2009. Kirk Nahra, CIPP, discusses how the changing landscape will impact corporate privacy and security officers. Increased enforcement, the ever-growing threat of identity theft, and more liability will be major concerns. Nahra outlines specific actions companies can take to prepare.
Schneier shares (February 1, 2009)
Bruce Schneier refutes the idea that privacy and security are mutually exclusive, discusses data as the pollution problem of the Information Age and privacy as the new environmentalism, and looks in to the future. “Twenty years from now, I believe we will have more liberty, more privacy, and more security than ever before.”
Europe debates mandatory data breach notifications (February 1, 2009)
Mathew Schwartz hears from all sides of Europe’s ongoing breach notification debate. The European commission sparked the debate in 2007 when it suggested breach reporting requirements for telecom companies and Internet service providers. Some European officials support such a mandate, with some even suggesting that it cover all entities handling private data. Others think the rule would lead to “breach fatigue” and public apathy. They assert that more investigative powers and more meaningful fines for breaches are the answer to this growing data breach problem.
Genomic pioneers blaze trail to new frontier (February 1, 2009)
The Personal Genome Project (PGP) is gathering the genomic information, DNA sequences, medical records, and other personal information of 10 individuals who have agreed to forsake privacy concerns for the advancement of science. The data will be available to both the research community and the public. The Privacy Advisor interviewed three PGP-10 participants about their decision to share such sensitive information.