This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 8 Issue: 5
(May 2011)


Guidelines published by the Information Commissioner's Office (ICO) on 9 May 2011, recommend that companies assess how they are using cookies and their level of intrusiveness, as the first step towards complying with Article 5(3) of the revised e-Privacy Directive. Companies are being advised that once they have assessed the level of risk, they should think about the best method to gain consent. / read more

An amendment to the Italian Data Protection Code aimed at reducing red tape obligations for Italian data controllers will save them €600 million, according to the Minister for Public Administration and Innovation, Renato Brunetta. / read more

The Indian Ministry of Communications and Information Technology issued on 13 April final Rules under section 43A and 79 of the IT (Amendment) Act 2008, requiring that businesses obtain consent in writing from the provider of sensitive personal data before such data can be processed. / read more


No avid reader of Article 29 Working Party Opinions would be surprised to see statements such as 'location data from smart mobile devices are personal data' or 'the combination of the unique MAC address and the calculated location of a WiFi access point should be treated as personal data'. However, when those statements appear alongside references to the night table next to someone's bed, or the fact that specific locations reveal data about someone's sex life, one cannot stop wondering whether an intended clarification of the applicable legal framework to geolocation services available on smart mobile devices is getting a bit sensationalistic. / read more

The French Senate adopted in March 2010 a Bill amending the French Data Protection Act, which would introduce an obligation for controllers to notify data breaches to the French data protection regulator, as well as the mandatory appointment of a 'Data Protection Correspondent'. Raphaël Dana, Partner at Sarrut Avocats, analyses the changes that the Bill, if enacted, would bring to the French data protection framework. / read more

With the deadline for compliance with the e-Privacy Directive (2009/136/EC) looming on the horizon, internet companies are struggling to make sense of the secondary legislation which was recently published in the UK and the ICO's guide supplementing this. Ruth Boardman, Partner at Bird & Bird, assesses the new guidance. / read more

The US Federal Trade Commission announced on 30 March 2011 that a settlement had been reached with Google Inc. over the 2010 rollout of the search engine's Buzz social network. The FTC held in an agreement that Google had violated its own consumer privacy policy and, as such, was required to prevent future misrepresentations by implementing a comprehensive privacy policy and undertaking privacy audits. Michael Mallow and Michael Thurman, Partners at Loeb & Loeb LLP, explain how businesses should use the Google consent order as a model on which to base their own compliance procedures. / read more

Last November, the EU Commission set out its aims to modernise the 1995 EU Data Protection Directive in a November 2010 Communication. Philip James, Partner at Pitmans LLP, reviews some of the responses to the Commissioner's consultation in relation to a particular conundrum facing the Commission - data portability. / read more

With the world's attention firmly focused on the recent widespread political turmoil and significant changes currently occurring within Middle Eastern countries, businesses are braced for the potential regulatory changes which may result. Janet Steinman, Attorney and Owner of The Law Office of Janet Steinman, discusses in Part I of this article the data protection laws of countries in the Middle East. / read more

How do we balance the competing interests of the new concept of the right to be forgotten, with current notions of freedom of expression and matters of public interest? James Leaton Gray, Head of BBC Information Policy and Compliance, presents his personal view on how the right to be forgotten needs to be more fully discussed and shouldn't accidentally become a tool to alter history or stifle media reporting. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Canít find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed