This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 7 Issue: 2
(February 2010)


The European Commission (EC) adopted a Decision on 5 February updating the existing model clauses for the transfer of personal data to processors established outside the European Union, however industry representatives fear the updated standard contractual clauses will fail to meet their expectations. / read more

The European Court of Justice (ECJ) ruled on 4 February that Sweden must pay a penalty for failing to transpose the Data Retention Directive (2006/24/EC) into national law. Member States had until September 2007 to fulfil their obligations under the Directive - which requires telecommunications and internet service providers to store communications data for a period of between six months and two years. / read more

Financial Industry The Regulatory Authority (FINRA) issued guidelines on 25 January to clarify the issues that securities firms should consider when developing procedures to monitor their representatives' electronic communications on social networking websites. / read more


Frustrated. Perplexed. Disappointed. Now multiply these feelings by a factor of 13 (see the reason for this factor below) and you will have an idea of how most global vendors feel after digesting the new set of controller to processor model clauses approved by the European Commission. After years of hope for a truly flexible contractual solution suited to the dynamic nature of today's data flows and cloud computing services, the expectation was that the Commission would deliver just that. Clearly, this was an unrealistic expectation as the new standard clauses overlook the realities of global outsourcing in the 21st century. / read more

The French Senate drafted a proposed Bill in November 2009 that would amend the Data Protection Act, introducing a requirement for data controllers to obtain the prior consent of data subjects before installing cookies on their computers, and a security breach notification obligation. The proposed Bill would also empower the French data protection authority to impose stronger fines. Olivier Proust, from Hunton & Williams, a legal expert consulted by the French Senate while drafting the proposal, examines the main changes proposed by the Senate. / read more

The use of 'Smart Grids' allows information about personal electricity consumption in the home to be disseminated to utilities, third party service providers and government agencies, and used in ways never contemplated by the average consumer. Christopher Wolf, of Hogan & Hartson LLP, examines how privacy is affected by the development of the grid. / read more

The Guernsey Parliament, the States of Deliberation, has approved a package of amendments to Guernsey's data protection legislation, which will come into effect on 1 March 2010. Peter Harris, Data Protection Commissioner for Guernsey, analyses the changes made to the island's data protection regime and explains why mandatory breach notification is not in the pipeline. / read more

The use of electronic means of communication has risen dramatically in the last decade, and now includes a variety of social networking websites. Yet, how much of this social networking data can be disclosed during e-discovery proceedings? As US courts still grapple with the issue, John Woods, Michael A. Oakes and Meghan A. Podolny, from Hunton & Williams LLP, examine the latest developments in this area. / read more

The use of stop and search powers, in contexts where the link with an 'imminent terrorist threat' would appear somewhat tenuous, has raised issues regarding their proportionality and lawfulness. Christopher Rees and Hayley Brady, of Herbert Smith LLP, refer to the European Court of Human Rights Gillan and Quinton case to examine the current balance between privacy rights and anti-terrorism measures, also in light of the recent introduction of airport body scanners in the UK. / read more

The House of Representatives approved the new Data Accountability and Trust Act (DATA) on 8 December 2009. If passed, the Act would preempt many state breach notification laws and introduce a federal notification requirement. David Navetta, Founding Partner of the Information Law Group, discusses the potential impact of DATA on data breach policies and risk assessments for large and small companies in the US. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Canít find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed