Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
IBM Screen Masking (September 1, 2009)
Researchers at IBM’s Haifa, Israel Lab have developed a screen-masking software to help organizations protect the privacy of sensitive information by blocking it from view on computer screens.
Broaden your privacy portfolio (September 1, 2009)
Six thousand members. Hundreds of volunteers. The privacy profession and the IAPP continue to experience rapid growth. But we need your help! Be one of the hundreds of IAPP members worldwide who are actively engaged in building the privacy profession as advisory board members with the IAPP.
On notice, consent, and radical transparency (September 1, 2009)
U.S. fair information practices are founded on the concept of notice and choice, but the effectiveness this framework has come into question in professional circles, with some suggesting that in the brave new digital world where data collection opportunities are many and data use opportunities are rich, “notice” is failing when it comes to privacy.
Commissioner’s report on Facebook (September 1, 2009)
The Assistant Privacy Commissioner of Canada, Elizabeth Denham, issued a Report of Findings on an investigation into Facebook’s privacy practices on July 16. The commission launched the investigation on receiving a complaint from the Canadian Internet Policy and Public Interest Clinic (CIPPIC).
"New HIPAA" poses important challenges for business associates (September 1, 2009)
The new Health Insurance Portability and Account-ability Act (HIPAA) privacy and security requirements, imposed by the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), will have a significant impact on the privacy and security of healthcare information, and on the compliance obligations for affected healthcare companies.
Privacy and electronic health records in Canada (September 1, 2009)
The federal and provincial governments of Canada have invested billions to develop health information technology, but privacy concerns loom. Public support for EHRs, says Michael Power, will be tied to how well patients’ private information is protected. Power describes Canada’s EHR landscape here.
Europe leads effort toward international privacy standard (September 1, 2009)
The Spanish Data Protection Authority on June 11 held a second meeting to discuss a proposed draft international privacy standard. The data protection authorities involved seek to complete the document for adoption at the meeting of the International Conference of Data Protection and Privacy Commissioners (ICDPPC) in Madrid this November.
Helping organisations become more transparent (September 1, 2009)
The Information Commissioner’s Office (ICO) has launched a new Privacy Notices Code of Practice that will help organisations provide more user-friendly privacy and marketing notices. The ICO wants to see an end to the confusing privacy notices that are written to protect organisations rather than to inform the public.
On site investigations: the 2009 programme (September 1, 2009)
The CNIL has issued its onsite investigation programme for 2009. Areas of focus in the private sector will include recruitment activities (including recruitment agencies, Internet sites, and large groups);
DPA enforces information security in hospitals (September 1, 2009)
On June 2, 2009 the Dutch Data Protection Authority (DPA) took enforcement action against four Dutch hospitals because they failed to improve their information security practices.
Data Protection Act amendments (September 1, 2009)
The amendments to the Federal Data Protection Act (FDPA; in German: Bundesdaten-schutzgesetz - BDSG) passed parliament (the Bundestag) on July 3, and on July 10, the second chamber (the Bundesrat - Federal Council) decided not to raise objections. The act now only needs signature by the President and promulgation. It will, with limited exceptions, enter into force on September 1, 2009.
OPC Essay Competition (September 1, 2009)
The Office of the Privacy Commissioner of Canada (OPC) has awarded a Queen’s University student with $2,500 and the opportunity to be published. Mathew Johnson won the OPC’s first-ever essay competition.
Daniel Caprio (September 1, 2009)
Daniel Caprio has joined the Government Affairs practice at McKenna Long & Aldridge LLP as Managing Director. Caprio will counsel clients in the areas of data and information privacy, RFID, and cybersecurity.
Privacy After Hours (September 1, 2009)
Mark your calendars for the next Privacy After Hours event Thursday, October 8. Held at locations worldwide, Privacy After Hours gatherings have become popular post-work networking events
Richard Allan (September 1, 2009)
Facebook has appointed Richard Allan to head up its lobbying efforts in the European Union. Allan is the former head of European regulatory affairs for Cisco.
CACR Grants (September 1, 2009)
The Center for Applied Cybersecurity Research (CACR) at Indiana University recently awarded $230,000 in grants to five interdisciplinary teams of IU researchers who will study cybersecurity issues.
Kimberley Gray (September 1, 2009)
Kimberly Gray has joined market intelligence firm IMS as its chief privacy officer, Americas. Gray will direct all privacy-related activities for IMS operating companies in the U.S., Canada, and Latin America.
Peter Swire (September 1, 2009)
The privacy field’s loss is the executive office’s gain. Peter Swire, CIPP, has joined the ranks of the National Economic Council, where he will work on issues related to housing, finance, and mortgages.