Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.
Global Privacy Dispatches
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.
ITALY—Garante Releases Enforcement Activity Report
The Garante, the Italian Data Protection Authority (IDPA), has released information on enforcement activity in Italy in 2013 and its relevant plan of inspections for the first semester of 2014.
CANADA—Anti-Spam Legislation To Come Into Force
After much discussion and consultation on the accompanying Regulations, Canada’s anti-spam legislation is about to take full effect. While the CRTC had previously published its regulations on March 28, 2012, the Electronic Commerce Protection Regulation was finally published on December 4, 2013.
UK—Government Department Fined 185,000 GBPs After Terrorist Incident Data Sold at Auction
A government department has been fined after a filing cabinet containing personal information relating to victims of a terrorist incident was sold at auction.
NEW ZEALAND—Privacy Reflections/Predictions for 2014
The high-profile privacy breaches of 2012-13 have shed an unprecedented light on personal information in New Zealand. Outgoing Privacy Commissioner Marie Shroff is leaving the role at a time when protecting personal information, a cause she has actively championed over the past 10 years, is at the forefront of public awareness and is top-of-mind for policy analysts, legislators and businesses alike.
NEW ZEALAND—Will the Tide Turn in 2014?
Last year was not a good one for New Zealand privacy-wise. While Australia forged ahead enacting legislation covering issues such as cross-border controls for personal data and introducing measures to implement breach notification, the government in New Zealand, by contrast, has been dragging its feet and instead adopted a raft of measures diminishing existing privacy protections. This article briefly reviews developments in New Zealand in 2013 and ventures some predictions as to what may lie in store in 2014.
AUSTRALIA—Australia Legislates for Privacy by Design
In March, Australia will be overhauling its privacy laws. One of the key features of the new regime means Australia will become one of the first jurisdictions to effectively legislate for the concept of Privacy by Design.
CNIL watching video surveillancesystem (December 24, 2009)
A video surveillance system has been installed in Lille city buses in northern France. The system records images and sounds continuously in order to improve driver and passenger safety. Only police can access the audio and video footage, and the recordings are deleted after a period of 48 hours.
The ethics of “Googling” someone (December 1, 2009)
Just because you can “Google” someone, should you? This is a good question for the U.S. Federal Trade Commission, which is re-examining privacy during a series of roundtable events this winter.
Data sharing: disclosure of partners required (December 1, 2009)
In an answer to a query brought by the online magazine PCimpact.com
, the CNIL (the French data protection authority) clarified what should be considered “informed consent” (opt in).
E-discovery (December 1, 2009)
The CNIL issued a recommendation to data controllers requested to transfer information to the U.S. in the framework of e-discovery proceedings. French legal requirements must be met including those resulting from the Hague Convention and from the Data Protection Act.
“Peer to peer law”— the status (December 1, 2009)
As reported in the October issue of the Privacy Advisor
(page 10), the law to fight against infringing downloads had to be modified in order to meet the requirements of the French Constitutional Court. Finding the new draft still unsatisfactory, some MEPs challenged it once more before the Constitutional Court.
Video-surveillance sanctioned (December 1, 2009)
The CNIL issued a 10,000 euro fine to a street-ware business for using a permanent video surveillance system. The system, intended to protect the business against theft, was found not proportionate because it surveilled too many areas, including areas where no products were stored.
Consumer watchdog scrutinises customised pricing based on online behaviour (December 1, 2009)
The Office of Fair Trading (OFT) has launched two separate market studies into advertising and pricing. The first, into online targeting of advertising and prices, will cover behavioural advertising and customised pricing, where prices are individually tailored using information collected about a consumer's Internet use.
eBay receives BCR approval (December 1, 2009)
EBay has received permission to use binding corporate rules (BCRs) to transfer data across borders. The Luxembourg data protection authority, Commission Nationale pour la Protection des Données (CNPD), approved the company’s application recently.
Breach action site created (December 1, 2009)
A new site aims to provide a one-stop resource for organizations that have experienced a data breach. Field Fisher Waterhouse (FFW), RSA Security, and KPMG have teamed together to create the Breach Action Web site, a clearinghouse of law, technology, and consultancy resources who will collectively execute a joint plan of action for breached firms.
New AFCDP board members (December 1, 2009)
The French Association of Data Protection Correspondents (AFCDP) has named new members to its board of directors.
Engaging data (December 1, 2009)
More than 200 people from across the globe attended the First International Forum on the Application and Management of Personal Electronic Information in October, the launching event of the MIT SENSEable City Lab's "Engaging Data Initiative."
Notes from the Executive Director (December 1, 2009)
Our first issue of the Advisor every year has always been about looking forward into the New Year. What will change in the privacy world? What new laws and regulations will challenge privacy pros? What major media stories—whether breaches, emerging technologies, or boundary-stretching business models—will strain our current tools for managing data? There are always more questions than can possibly be answered.