This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 10 Issue: 3
(March 2013)


The Article 29 Working Party (WP29) – in a statement issued on 27 February 2013 – called for restrictions on self-assessment mechanisms for data transfers. The WP29 referred to the discussions currently taking place 'to enable data transfers by using non binding instruments' and stated that 'bindingness is one of the most important requirements for tools enabling international transfers for ensuring appropriate safeguards for data subjects.' The WP29 stated that self-assessment mechanism should remain 'a derogation to adequate safeguards with a very limited scope' and should be used on an exceptional basis for non-massive and non-repetitive transfers. / read more

Newly elected Chairwoman of the Federal Trade Commission (FTC), Edith Ramirez, stated on 8 March 2013, that she intends to tackle the 'Internet of Things' in the coming months, as part of her privacy and data protection agenda for 2013/2014. / read more

The Article 29 Working Party (WP29) adopted – on 27 February 2013 – Opinion 02/2013 on apps in which it cited a lack of free and informed consent as a key data protection risk to end users. / read more


I had not heard the word 'ecosystem' since school biology lessons. But all of a sudden, someone at a networking event dropped the 'e' word and these days, no discussion about mobile communications takes place without the word 'ecosystem' being uttered in almost every sentence. An ecosystem is normally defined as a community of living things helping each other out (some more willingly than others) in a relatively contained environment. The point of an ecosystem is that completely different organisms - each with different purposes and priorities - are able to co-exist in a more or less harmonious but eclectic way. / read more

On 21 December 2012, the Milan Court of Appeals overturned the decision issued in 2010 by the Court of Milan in the 'Google Vivi Down' case. Filed on 27 February 2013, the Court of Appeals' decision was based on and confirmed the general principle that Internet Service Providers (ISPs) have no general duty to monitor user-uploaded content on their systems. Laura Liguori and Federica De Santis, Partner and Associate respectively at Portolano Cavallo Studio Legale, analyse the impact of the case on ISPs' liability and the wider landscape of overlapping interests in the digital climate. / read more

Businesses are increasingly looking to create and use new business models based around open datasets, while Big Data enables businesses to get insight into customers, markets and economic trends. However, the public and regulators will only be willing to support, participate and trust in such initiatives if measures are in place to ensure the privacy of data subjects is respected. William Long and Geraldine Scali, Partner and Associate respectivelyat Sidley Austin LLP, analyse the increasing importance of procedures such as anonymisation and pseudonymisation, in order to balance the opportunities that arise from the growing uses of data with privacy. / read more

Ireland took over the Presidency of the Council of the EU from Cyprus in January 2013, with continued progress of the data protection reform package as a top priority. Alan Shatter, the Irish Minister for Justice, Equality and Defence, discusses the Presidency's aim to bring EU data protection law into the digital age. / read more

The US has taken a giant step forward on the path towards protecting patient privacy. On 25 January 2013, in response to growing public concern over the number of data breaches, the Department of Health and Human Services (HHS) issued the long-awaited Health Insurance Portability and Accountability Act (HIPAA) Omnibus Rule. The 563-page rule significantly broadens the scope of organizations covered by the federal health privacy laws in the US while strengthening and reinforcing HHS' enforcement authority over them. At the same time, the new rule expands the rights of patients with respect to their personal medical information. Joan Antokol, Partner at Park Legal LLC, examines and analyses the requirements and impact of the HIPAA Omnibus Rule. / read more

New Zealand was recently recognised by the EU Commission as 'adequate' for the purposes of data transfers, making it the first country in the western Asia-Pacific region to receive such recognition. With other countries including Australia, Singapore, Malaysia and the Philippines enacting new privacy laws, the region's previously sparse regulation is quickly developing. On the 20th anniversary of their Privacy Act, we interviewed Blair Stewart, Assistant Privacy Commissioner for New Zealand, on what adequacy means for New Zealand. / read more

The multitude of functions that smartphones can perform has resulted in a device from which consumers are rarely parted. The growth of mobile payments capitalises on smartphones' integral position in our everyday lives, however, also raises data security concerns. Jason Oxman, Chief Executive Officer (CEO) of the Electronic Transactions Association (ETA), which represents over 500 payment firms worldwide, discusses this burgeoning sector and the progress of regulatory efforts. / read more

With developing states in Asia-Pacific and South America closing the privacy gap between developed markets in the West, Africa too has begun levelling the playing field to bring Africa in line with global data protection standards, providing an attractive destination for businesses. Enyinna S. Nwauche, Professor of the Department of Law at the University of Botswana, undertakes a general review of data protection laws in selected African countries, identifying those with comprehensive laws, highlighting constitutional provisions on the right to privacy, and discussing the relevant authorities responsible for compliance. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Canít find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed