This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 14 Issue: 11
(November 2017)


Data Protection Leader confirmed, on 2 November 2017, with Mohamed Hashish, Partner at Soliman, Hashish & Partners, that a member of parliament (‘MP’) proposed, on 30 October 2017, a new law for the protection of personal information (‘Draft Law’) and submitted it to Parliament. Currently, the right to privacy is primarily protected by Article 57 of the Constitution, with sanctions for violating related rights found in the Penal Code No.58 of 1937. / read more

The Florida Supreme Court ruled, on 9 November 2017, in Emma Gayle Weaver, etc. v. Stephen C. Myers, M.D., et al., that the right to privacy under Florida’s Constitution does not end upon an individual’s death (‘the Ruling’). The Ruling concerned a medical malpractice claim brought by Weaver as an individual and as personal representative of the estate of her late husband. In particular, Weaver challenged the constitutionality of the 2013 amendments (‘the Amendments’) to Sections 766.106 and 766.1065 of the Florida Statutes, which relate to disclosures that should be made as part of medical negligence actions, on the basis that these violated the right to privacy. The Florida Statutes and the Amendments required Weaver to authorise the release of her husband’s protected health information (‘PHI’), which she alleged was irrelevant to the case, as well as to consent to secret, ex parte interviews between the health providers and the defendant or his legal representatives, in order to proceed with the medical negligence action. / read more


Beyond the opinions of regulators, transatlantic agreements and legislative proposals, there is one institution that is setting the pace like no other for the future of European data protection: the Court of Justice of the European Union (‘CJEU’). In the not too distant past, the CJEU’s rulings affecting data protection law were rare and far between. Not anymore. / read more

The recent judgement of the Supreme Court of India in Justice K S Puttaswamy (Retd.) & Anr. v. Union of India & Ors., 2017 SCC OnLine SC 996 (‘the Judgement’), guaranteeing the status of the right to privacy as a fundamental right, has captured the conscience of an entire nation and deservedly so. Owing to the magnitude of the Judgement, its reach and impact is still being assessed and will continue to be assessed for some time to come. One impact area that has come under renewed focus following the Judgement is the cross-border flow of personal data involving Indian users of internet-based service providers. In this article, Pallav Mongia and Pankaj Singh, Advocate-on-Record and Advocate at the Supreme Court of India respectively, assess the framework for data transfers in India. / read more

Established in 2004, the Dubai International Financial Centre (‘DIFC’) is home to 1,750 companies, making it one of the world’s leading financial centres. By implementing its own laws and regulations, which are administered by the DIFC Authority, the DIFC is independent from the United Arab Emirates’ (‘UAE’) civil and commercial laws. By basing its laws on international best practices, the DIFC has aimed to create an effective data protection regime. Jacques Visser, Chief Legal Officer of the DIFC Authority, talks to Data Protection Leader about the latest data protection developments in the DIFC. / read more

On 1 September 2017, the Canadian Government published proposed regulations relating to the mandatory reporting of privacy breaches under Canada’s federal data protection law, the Personal Information Protection and Electronic Documents Act 2000 (‘PIPEDA’) (‘the Draft Regulations’). The Regulations were open for public comment until 2 October 2017 and, after being finalised, are expected to come into force in early 2018. Alex Cameron and Claire Feltrin of Fasken Martineau DuMoulin examine the potential implications of the relevant provisions and the proposed regulations for organisations subject to PIPEDA. / read more

The main pillar of Statutory Law 1581 of 2012 (October 17) Which Issues General Provisions for the Protection of Personal Data (‘the Data Protection Law’) is the requirement for data controllers to obtain consent from data subjects to lawfully process their personal data. However, the Colombian data protection authority (‘SIC’) has been faced with many cases of controllers not complying with this obligation. Luis Alberto Montezuma Chavez, Privacy and Data Protection Specialist, outlines SIC’s investigations into data subjects’ complaints, and the reasoning behind its imposition of fines, in order to help organisations comply with the Data Protection Law’s requirements. / read more

In addition to the possibility for the imposition of hefty fines, a fact which has often been put forth as important when examining the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’), the GDPR aims to secure ‘full and effective compensation’ for data subjects for damage suffered as a result of processing that infringes upon the GDPR or other delegated acts. There is also a panoply of other means or tools available to supervisory authorities, in terms of sanctions including the issuance of orders and warnings, the imposition of temporary or definitive limitations on processing and the suspension of data flows. These can also cause wider business disruptions and can be challenging to quantify with exactitude. Reputational, brand and image costs can also be significant, in particular in light of the modern media age, which all make it challenging to quantify the aggregate damage. In this article, Anna Aurora Wennakoski, PhD student in data protection and privacy law and the recipient of the International Association of Privacy Professionals’ Global Privacy Scholarship, examines some of the pertinent open issues in relation to the compensation of damages. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Can’t find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed