This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 8 Issue: 11
(November 2011)


The Court of Justice of the European Union (CJEU) ruled on 24 November 2011, that additional requirements imposed by the Spanish data protection law are incompatible with the EU Data Protection Directive (95/46/EC). / read more

The Court of Justice of the European Union (CJEU) clarified that IP addresses are 'protected personal data', on 24 November, in Scarlet v SABAM (Case C-70/10), while ruling that internet service providers (ISPs) cannot be legally compelled to monitor the online activities of their customers. / read more

The Hong Kong Privacy Commissioner, Allan Chiang, expressed his concerns over a mechanism by which individuals could opt-out of having their data sold for direct marketing under the Personal Data (Privacy) Amendment Bill. / read more


Compact. Self-contained. Multi-layered. Hard to penetrate and rich inside with a mix of flavours and tones. Judging by the commentary surrounding the forthcoming EU data protection framework circulating in the corridors of the IAPP European Data Protection Congress that took place in Paris at the end of November, we could have been describing a typical Parisian macaron instead of a new law. / read more

Law No 22/11 came into force on 17 June 2011, introducing for the first time a comprehensive privacy regulation in the country. Before 2011, data protection law was a virtual no-man's land governed by a handful of very disparate provisions. While many decisions remain in the hands of the Data Protection Agency, the Angolan legislator has laid down a solid regulatory framework to guarantee the protection of individuals' data. João Luís Traça and Bernado Embry, Partner and Associate respectively at Miranda Correia Amendoeira & Associados in Portugal, examine the framework in place. / read more

Many businesses, including those in financial services and payments, are waiting expectantly to see what is included in the draft proposals for the new EU privacy legal framework - expected to be published end of January 2012. / read more

Alfredo Della Monica, Counsel at American Express and responsible for the company's EMEA data protection issues, shares his views on the data protection challenges and issues faced by financial companies, and his thoughts on how the industry is moving forward. / read more

Today, no company - even with comprehensive privacy policies and practices - can be safe from data breaches. Can companies effectively transfer the risk (and cost) of data breaches by way of insurance? What costs should the companies consider? Almost every reference to the cost of data breaches or 'cyber crime' identifies the actual cost of the breach notification as its common currency. In Part One of this analysis, Rick Welsh, Cyber Underwriting Director at ANV, explores this metric's limitations and the true exposure and cost of data breaches. / read more

The data protection landscape in Hong Kong is set to change as a result of a number of recent incidents of mishandling of data and criticisms that the current Ordinance lacks teeth to make if effective. Gabriela Kennedy and Heidi Gleeson, of Hogan Lovells LLP, provide an overview of the Hong Kong data protection regime and an analysis with comparison to the APEC Privacy Framework and the EU Data Protection Directive. / read more

The European Commission in its 'Comprehensive approach on personal data protection in the European Union' (COM 2010, 609 final), recognised cloud computing as an emerging phenomenon, involving a radical revision of the EU regulatory framework, 'as it may involve the loss of individuals' control over their potentially sensitive information when they store their data with programs hosted on someone else's hardware'. Rocco Panetta, Partner at Panetta & Associati, explores liability issues that could arise when using cloud services. / read more

Data protection authorities in the EU and the US are looking into complaints arising from social networking site Facebook's acquisition and retention of user data. Their investigations focus on Facebook's 'profiling' of user behaviour through their use of plug-ins and applications on the site. This article, written by David Cullen, Partner at William Fry, examines the widely publicised investigations by German and Irish data protection regulators and the US Federal Trade Commission. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Canít find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed