This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 7 Issue: 4
(April 2010)


The reasoning behind the 24 February judgment that led to three Google executives being sentenced to six-month suspended prison sentences was published on 12 April. Milan Judge, Oscar Magi, clarified that Google's argument that it acted as a 'host provider' - and not as a 'content provider' - was irrelevant to the case. / read more

The European Data Protection Supervisor (EDPS), Peter Hustinx, will deliver a keynote speech at the 4th annual European Data Protection Intensive (EDPI), organised by DataGuidance, sister publication of Data Protection Law & Policy. / read more

Mississippi enacted a data breach notification law - on 7 April 2010 - which will require a business that 'owns, licenses or maintains personal information of any resident of [the] state' to provide notice of a security breach to all affected individuals. The law will become effective on 1 July 2011. / read more


It has not been the most successful start of the year for the world's data services vendors. In addition to the current security-related pressures affecting providers of data processing services, the much awaited European Commission's decision on the new standard contractual clauses for transfers of data proved to be pretty disappointing in terms of reasonableness and flexibility ≠ especially in respect of subcontracting. / read more

The Article 29 Working Party has recently provided guidance on the meaning of the fundamental terms of data controller and data processor. However, how well has it done in removing the uncertainty introduced into these terms by the SWIFT case? Renzo Marchini, Counsel at Dechert LLP, analyses how helpful the newly introduced concept of 'essential elements of the means' will be in practice. / read more

On 8 December 2009, the French Supreme Court (Cour de Cassation) found illegal a Code of Business Conduct set out by Dassault Systèmes Group which referred to a whistleblowing system allowing employees to alert on possible violations. / read more

Israel has developed an elaborate regime for the protection of personal data - one which has been given an adequacy approval by the Article 29 Working Party in 2009. With major international privacy events taking place in Jerusalem this year, Israel's privacy regime is bound to receive mounting attention from the rest of the world. Amit Ashkenazi, of the Law Information and Technology Authority, examines the main principles under Israeli law. / read more

The Constitution of Thailand expressly states that protection is afforded to personal data under the laws of the Kingdom of Thailand. Although personal data is protected to a certain extent under a number of current statutes, no specific law regulating privacy has yet been enacted. The Thai Government drafted the Personal Data Protection Bill and introduced it in Parliament last November. Dhirapol Suwanprateep, a Partner at Baker & McKenzie, analyses the Bill and the main aim behind it - promoting the flow of data from countries affording stronger protection. / read more

The Bulgarian Parliament voted last February against an amendment to the Electronic Communications Act which would have reinstated the right of the Ministry of Internal Affairs to have direct access to the communications data retained by fixed and mobile operators and internet service providers. This right - originally contained in the Bulgarian Data Retention Regulation - had been struck down by the Supreme Administrative Court in 2008. Galina Bunkova, from Tsvetkova Bebov & Partners, analyses the controversial proposals and the amendments actually passed by the Bulgarian Parliament, which will come into force in May. / read more

The EDPS issued two Opinions on pharmacovigilance in 2009, urging that the data processed, shared and retained in the testing of drugs be minimised and - wherever possible - anonymised. Ellis Parry, Global Privacy Counsel at AstraZeneca UK, analyses the EDPS's Opinions and explains that, while the path may not be clear, the destination is data pseudonymisation. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Canít find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed