This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 10 Issue: 9
(September 2013)


Data protection authorities (DPAs) adopted a number of resolutions at the 35th International Conference of Data Protection and Privacy Commissioners during 23-26 September 2013 in Warsaw, Poland. Topics included international enforcement coordination, mobile apps, and anchoring data protection in international law. / read more

The Mexican Data Protection Authority (IFAI) published - on 10 September 2013 - their draft Data Security Guidelines (the Guidelines) for public consultation. / read more

The Federal Communications Commission (FCC)'s new telemarketing rules, requiring telemarketers to obtain express, written consent of customers before using autodialer equipment or pre-recorded messages to call them, will come into force on 16 October 2013. / read more


The secret of compliance is motivation. That motivation does not normally come from the pleasure and certainty derived from ticking all possible boxes on a compliance checklist. Although, having said that, I have come across sufficiently self-disciplined individuals who seem to make a virtue out of achieving the highest degree of data privacy compliance within their organisations. However, this is quite exceptional. In truth, it is very difficult for any organisation – big or small, in the private or public sector – to get its act together simply out of fear of non-compliance with the law. Putting effective policies and procedures in place is never the result of a sheer drive to avoid regulatory punishment. Successful legal compliance is, more often than not, the result of presenting dry and costly legal obligations as something else. In particular, something that provides tangible benefits. / read more

In recent months the media has been revealing more about previously clandestine data gathering and surveillance methods used by the National Security Agency (NSA) in its efforts to combat terrorism. The new information has led welcome debate over the proper scope of the NSA’s authority and oversight, and calls for reform. Despite an unprecedented public defense by the NSA itself, as well as President Obama and the Department of Justice, the revelations have raised a host of questions, confusion and conflicting assertions about what the NSA is doing. Part One of this article explored the legal underpinnings of the NSA programs and discussed the proposals for reform of the NSA’s legal authority now pending before Congress. In Part Two of this article, Alex Lakatos and Matt Bisanz, Partner and Associate at Mayer Brown LLP respectively, address why the NSA’s overreaching authority is of dubious effectiveness when it comes to keeping America safe, but may be a real threat to USA businesses. / read more

The Association of French-speaking Data Protection Authorities (AFAPDP), consisting of 15 countries, recently proposed a BCR-style data transfers model between member states as part of their efforts to improve the standard of data protection in less mature regimes. Recently, Africa has seen a flurry of developments, from Morocco’s approval of Convention 108 (Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data), to new privacy laws in Niger and Gabon. Floriane Leclercq, Data Protection Project Manager at the AFAPDP, comments on the AFAPDP’s mission and how African data protection law is shaping up. / read more

With ever increasing data volumes, archives contain tremendous amounts of valuable and worthless information. Whether by changing circumstances or bad design, many legacy archives make it almost impossible to gain a true understanding of their contents. Dr Jim Kent, CEO, EMEA and Head of Investigations at Nuix, explains techniques organisations can use to speed up data migration. / read more

Prior to the widespread adoption of electronic mail, obtaining access to a beloved one's personal documents after his or her death was a fairly straight-forward process. The executor of the estate would, consistent with any specific instructions in the decedent's will, be authorised by a court of law to have banks and postal offices open the decedent's safety deposit boxes to determine their contents and aid with the administration of the estate. Frederick M. Joyce and Tiffany M. Nichols, Chair of Telecom Group and Associate at Venable LLP respectively, explores a recent Massachusetts appeals case, Ajemian v. Yahoo! Inc. 7 May 20131, involving a request by a deceased man’s relatives to access his Yahoo! email account, which was denied by Yahoo!, analysing the difficulty of balancing electronic privacy with the rights of those claiming a legitimate reason to access online content. / read more

The South African Parliament passed - on 22 August 2013 - the Protection of Personal Information (POPI) Bill. POPI was introduced in August 2009 by the South African Cabinet and represents South Africa's first comprehensive data protection legislation. POPI is expected to come into force before the end of the year. Data Protection Law & Policy interviewed Advocate Mthunzi Mhaga, Spokesperson for the Department of Justice and Constitutional Development, to learn more about the new Bill. / read more

Use of cloud computing in the business sector is fast becoming the norm, offering increased flexibility, reduction of costs and a stronger interconnection of businesses within the competitive global markets. However, export control mechanisms are often overlooked when transferring data in the cloud, with severe sanctions for violations. Dr Philip Haellmigk and Florian Foerster, Associate and Trainee Solicitor respectively at Bird & Bird, outline the requirements businesses using the cloud should be aware of, as well as how to avoid falling foul of these provisions. / read more

The Organisation for Economic Co-operation and Development (OECD) published - on 9 September 2013 - revisions to their Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (the Guidelines). The revisions represent the first update to the original 1980 version, which became the first set of internationally agreed privacy principles. Data Protection Law & Policy has put together a roundtable of comments from privacy experts across the globe to provide a truly international perspective on this development. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed