This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 11 Issue: 11
(November 2014)


The Polish Parliament adopted, on 7 November 2014, an act on facilitation of performance of business activity (‘the Amendment’) to the Personal Data Protection Act of 1997 (‘the Act’), which would make the appointment of a Data Protection Officer (DPO) optional while strengthening the role, as businesses would have to ensure that DPOs perform their tasks independently and report directly to the CEO. / read more

The Canadian Radio-television Telecommunications Commission (CRTC) released, on 10 November 2014, new Guidelines regarding business installation of software or computer programs on other people’s computer systems. / read more

The Government of Uganda opened a public consultation, on 15 November 2014, regarding the country’s draft Data Protection and Privacy Bill 2014 (‘the Bill’). If passed, the Bill would become Uganda’s first piece of legislation which focuses exclusively on privacy. / read more


The level of concern about the legal restrictions affecting international data transfers is on the increase. Debates at privacy conferences and Twitter exchanges ardently evidence that overcoming those restrictions has become a managerial priority, as well as a growing headache for multinationals. Safe Harbor is constantly in the firing line and its supporters are often accused of trying to pull the wool over the eyes of European data exporters and regulators no matter how hard they try to show its effectiveness. Conversely, undertaking a Binding Corporate Rules (BCR) project is often seen as an overwhelmingly daunting exercise with an uncertain return. This is not a reassuring position to be in, given that the prospect of a restrictions-free future for global data flows is unlikely. As a result, making data transfers legal tools work, continues to be one of the greatest challenges faced by privacy professionals. / read more

The Location Privacy Protection Act of 2014 has been proposed in the US, which if passed would prohibit businesses from knowingly collecting geolocation data from mobile devices without obtaining the consent of the user. Sarah L. Bruno and Eva J. Pulliam, Arent Fox LLP provide detailed analysis of the proposed legislation and what it would mean for mobile product and service providers targeting US customers. / read more

The Supreme People’s Court (‘SPC’) Interpretation of Case Trials involving Infringement of Personal Civil Rights by Using Information Networks (‘the Interpretation’) became effective on 10 October 2014. Yang Xun, Of Counsel at Simmons & Simmons’ Shanghai Representative Office, discusses the impacts of the Interpretation on China’s internet privacy laws. / read more

On 17 January 2013, the Office for Civil Rights (OCR), Department of Health and Human Services (HHS), issued the Omnibus final rule: ‘Modifications to the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, Enforcement, and Breach Notification Rules under the Health Information Technology for Economic and Clinical Health Act (HITECH) and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rule’ (‘Final Rule’). Health care entities scrambled to ensure they complied with the Final Rule, motivated in large part by the threat of increased government audits, enforcement and penalties. Covered Entites (‘CEs’) and Business Associates (‘BAs’) hurried to enter and update their written Business Associate Agreements (‘BAAs’) by the 2013 and 2014 September deadlines1 to avoid sanctions made possible by the Final Rule. Marcia Augsburger, Partner at DLA Piper, examines HIPAA enforcement on a federal and state level since the Final Rule became effective. / read more

On 8 October 2014, the Committee on Internet Rights and Duties, established under the Italian Parliament, approved the first draft of the Declaration of Internet Rights (‘the Declaration’). The Declaration, which the Committee has been working on since August 2014, follows similar international declarations, such as Brazil’s Marco Civil da Internet. The initiative is in addition to, and in some ways overlaps, other proposals that regulate defamation in Italy, as well as the current proposals on the General Data Protection Regulation (‘GDPR’) in the EU. Andrea Antognini, Partner at ELEXI Studio Legale, provides insight on the legislative and regulatory proposals which are currently open for public consultation. / read more

The Internet of Things (loT) is likely to be the next big thing, a disruptive technological step that will change the way in which we live and work, perhaps as fundamentally as the ‘traditional’ Internet did. It’s no surprise then that everyone wants a slice of that pie, despite the fact that to a large extent we are not clear on what the term IoT means exactly. Whatever the loT is or is going to become, one thing is certain: it is all about the data. There is also no doubt that the loT triggers challenging legal issues concerning privacy and data protection. Antonis Patrikios and Dominika Kupczyk, Legal Director and Associate respectively at Fieldfisher, examine these challenges and propose a method for approaching privacy compliance in a way that works. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed