This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 11 Issue: 9
(September 2014)


The Global Privacy Enforcement Network (GPEN) published, on 10 September 2014, the results of an enforcement sweep carried out in May 2014 to evaluate mobile app compliance. 26 data protection authorities (DPAs) worldwide participated in the sweep. “By downloading and briefly interacting with the apps, this exercise recreated the consumer experience,” said Tobi Cohen, spokesperson at the Office of the Privacy Commissioner of Canada. / read more

Helen Dixon was appointed, on 10 September 2014, as the new Data Protection Commissioner (‘DPC’) by the Irish Government. Dixon replaced Billy Hawkes who held the DPC role since 2005 and retired this month. / read more

The State Senate of California approved, on 21 August 2014, Assembly Bill 1710 (‘the Bill’) to amend the state’s breach notification law. If signed, the amendments would extend the scope of the law to apply to entities that ‘maintain’ personal information about California residents. The current law only imposes data security requirements for entities that ‘own’ or ‘licence’ personal information. / read more


The European Union is a wonderfully peculiar creature. Over the past decades, it has emerged as a powerful union bringing together countries that had been at war with each other for many centuries. At the same time, it represents a collection of nations with a degree of diversity that is all too palpable. It is the combination of this diversity and common values that makes the European Union so distinctive. So when an attempt is made to harmonise a regime that affects governments' decision-making powers, business models and people's rights, the way in which forces pull in different directions becomes very visible. Nothing demonstrates this tension better than the European Commission's desire to create a harmonised data protection regime overseen by a plurality of national regulators in a consistent way through the so-called 'one stop shop' model. / read more

As the Draft EU General Data Protection Regulation (‘the Regulation’) moves slowly towards completion, the Italian Presidency of the Council of the European Union (‘the Council’) will try to pave the way for general agreement. Rocco Panetta, Partner at NCTM Studio Legale Associato, explains the prospect of the EU data protection reform being defined by the end of 2014 and completed by the end of 2015. / read more

The suggestion to include data flows in the Transatlantic Trade and Investment Partnership has split opinion between the EU and US. Alex Lakatos, Partner at Mayer Brown, outlines why it is essential that the subject of data is included within the deal and seeks to address some of the common reasons espoused for resisting this idea. / read more

On 17 July 2014 the Court of Justice of the European Union (CJEU) delivered a remarkably important judgment1 cutting down claims for the widest possible interpretation of the notion of ‘personal data’ in the EU Data Protection Directive (95/46/EC) (‘the Directive’). Francis Aldhouse, Consultant at Bird & Bird, draws upon the decision in Durant v Financial Services Authority2 (FSA) to provide an analysis of the CJEU’s reasoning and the potential impact of the decision. / read more

After an extensive rulemaking that began in the spring of 2010, the Federal Trade Commission (FTC) adopted changes to its rules implementing the Children’s Online Privacy Protection Act (COPPA) that became effective 1 July 2013. COPPA applies both to websites and online services (including apps) directed to children under 13 and to general audience websites and online services with actual knowledge that they are collecting information from children under 13. As a result, COPPA applies to businesses that may not initially recognise they are covered. In response to numerous comments, the FTC modified some aspects of the original proposed rule that made compliance with the final COPPA rule somewhat easier for the business community. Nevertheless, a bit more than a year after the final COPPA rule took effect, questions remain. / read more

Friday 12 September 2014 marked six months since the Australian Privacy Principles (‘APPs’) became effective, as part of the amended Privacy Act 1988. Alec Christie and Eva Chapple, Partner and Solicitor at DLA Piper Australia respectively, count down the top privacy issues that they have encountered in the first six months of the operation of the APPs. / read more

Recently, the European Commission (‘the Commission’) announced new techincal standards to help users of radio-frequency identification technology (RFID) tags comply with requirements under the Data Protection Directive (95/46/EC) and the Commission’s 2009 Recommendation. Valerie Surgenor and Megan Briggs, Partner and Solicitor at MacRoberts respectively, examine whether the new EU–wide standards will actually aid users and explain their impact on business. / read more

The UK’s Information Commissioner’s Office (‘ICO’) released on 28 July a report (‘the Report’) into the use of big data analytics, and in particular the compliance issues that big data initiatives might bring in terms of the Data Protection Act (‘DPA’). The ICO takes the view that the principles contained within the DPA are flexible enough to cover the big data phenomenon, and in its report seeks to assist companies working with big data in complying with the DPA, as Jon Bartley, Partner at Penningtons Manches, explains. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed