European Data Protection Framework : Westminster eForum 2013
London, March 26th, 2013 The Westminster eForum series of events roles on with a ‘star studded’ head-to-head between UK GOV Lord McNally, EU Data Protection Supervisor Peter Hustinx, and UK Regulator David Smith Deputy Commissioner at ICO. So how was it? What insight and knowledge did we gain from this outing of the heavyweights? …
EDPS Opinion on proposed Data Protection Regulation and Directive
Changes to data protection law Here’s a quick recap on the privacy and information law changes we have coming; these are the European level legal changes that I always suggust clients have on their RADAR scopes. This is essentialiy a review of the reform package of Jan 25th, 2012 which is designed to deliver ‘A …
More ‘consent’ nomenclature
Further to my posting in October about the variation we see in the use of the ‘adverbs of consent’, here’s some more discombobulation (love that word!) The Privacy Commissioner in Canada has recently issued guidelines for online behavioural advertising in which there is reference to the Canadian Law PIPEDA “PIPEDA does recognize that the form …
House Files, ‘From lines’, Data Owners et al.
Is it just me, or is this all a bit confusing? ICO Help Desk, Law and Best Practice all in apparent disarray! Try this scenario with the ICO: I’m a data owner, I rent an opt-in ‘House list’ to data users, the data users create branded email messages and our subcontractor (data processor) sends them …
Deciding what’s strictly necessary should prove interesting
Strictly come .. necessary Sorting out the strictly necessary from the necessary and the nice to have is going to prove challenging. I wonder how much information we will see dropped/pulled from browsers despite a DNT tag or cookie opt out PECR 2003 Regulation 6 (4)(b) Paragraph (1) shall not apply to the technical storage …
Express, implied, explicit .. whatever!
It’s all about consent; we haven’t got it right yet and judging by the latest EC Directive we’re not about to get it right any day soon. We have struggled for decades with legal Nomenclature and clarity of meaning. For over ten years now (yes the Data Protection Act 1998 is that old) I have …
Google Apps falls foul of the Danish DPA: Terms and Conditions to blame
A hotly debated topic in many of the Data Protection Courses I run has been.. "How does a small company get the likes of Google, SaleForce, Microsoft et al. to listen to them when they demand compliance with their terms and conditions as required as part of principle 7 of the Data Protection Act. It …
Court Order? I don’t care. You’re not having my data!
ACS:Law update You're compelled by law to release data to a third party. You duly hand over the data and the third party 'loses it'. You suffer reputational damage as a result of the third party's breach of the DPA 1998. Guess what, next time you ask "YOU CAN'T HAVE IT!". In a predictable? twist …
ACS:Law and the file sharing lists ..
Protecting your business Rather than speculate whether the Information Commissioner's Office is finally going to 'discharge its weapons' I thought it would be interesting to look at the realities of protecting your own business from a similar fate. Internet activists, 4chan, targeted ACS:Law during what it called Operation Payback and appear to have 'acquired' the …
Comments