This site would like to set some non-essential temporary cookies. Some cookies we use are essential to make our site work.
Others such as Google Analytics help us to improve the site or provide additional but non-essential features to you.
No behavioural or tracking cookies are used.
To change your consent settings, read about the cookies we set and your privacy, please see our Privacy Policy

Data Protection Leader

Volume: 9 Issue: 6
(June 2012)


The Article 29 Working Party (WP29) adopted, on 6 June, a Working Document 02/2012 (WP195), which describes the conditions for Binding Corporate Rules (BCRs) for data processors or Binding Safe Processor Rules (BSPRs). / read more

The Department of Legal Affairs of the Ministry of Justice with officials from the Executive Branch jointly announced ≠ on 14 May ≠ that part of the amendments to the Personal Information Protection Act (the Law) will come into force on 1 October 2012. / read more

May - June 2012 / read more


It was exactly four years ago when the term Binding Safe Processor Rules was coined. Nobody had heard about this concept before and the idea of allowing a humble data processor to take responsibility for adopting and implementing its own set of rules based on European privacy standards from which its clients could benefit to legitimise any international processing of personal data seemed ill conceived. Regulators and data protection lawyers were sceptical about the prospect of a service provider taking such a primary compliance role. However, the idea was not ill conceived and fortunately for the future of data protection, that scepticism has turned into pragmatism as the Article 29 Working Party has proved. / read more

Security is a huge issue for consumers when using mobile banking applications, which are often less secure than what banks think. Matt Peachey, Vice President of Veracode for Europe, the Middle East and Africa, explains how banking applications on mobile devices are exposing users' personal and sensitive data, and how the problem can be mitigated. / read more

The Protection of Freedoms Act 2012 received Royal Assent on 1st May 2012 and gives effect to several of the commitments in the May 2010 Coalition Agreement. The Act is described in the Home Office news release as containing 'Sweeping reforms to restore British liberties' and its somewhat grand short title is reflected in the remarks of Tom Brake MP, a Liberal Democrat, who describes it as rolling 'back Labour's surveillance state.' Perhaps, however, it should be seen more as just a useful piece of technical legislation. / read more

On 25 January this year, the EU Commission announced its proposals for a comprehensive reform of the 1995 Data Protection Directive. The proposals would create, according to Viviane Reding, Vice-President of the European Commission in charge of Justice, Fundamental Rights and Citizenship: "A single set of European rules on data protection valid everywhere across the European Union. So, one rule for the 27 Member States and for the 500 million people. One data protection authority for one company: a one-stop-shop, and one authorisation for the whole European Union." Whilst the proposed harmonisation is likely to encourage growth and simplify requirements across the EU, other proposals detailed within the draft have been met with some criticism. Dan Harris and Rhiannon Jones of Deloitte, the business advisory firm, investigate the EU Commission's proposals and discuss the potential implications that these changes could have for businesses still struggling to recover in a tough economy. / read more

Data brokers are largely invisible to consumers and unbridled by regulation. The Federal Trade Commission (FTC), the agency responsible for enforcing consumer protection laws, has emphasized the need for targeted legislation to regulate this industry. However, without legislative pronouncement to expand the FTC's jurisdiction, enforcement power over these companies remains fairly constricted. This article - written by Christie Thompson and Sharon Schiavetti, Partner and Associate respectively at Kelley Drye & Warren LLP - addresses the ramifications of the FTC's recent settlement with online people search engine, Spokeo, to the FTC's enforcement against abusive data aggregation. / read more

On 8 June 2012, the European Data Protection Supervisor (EDPS), the independent data protection and privacy supervisory authority, adopted its Opinion on the Commission Recommendation on preparations for the roll-out of smart metering systems ≠ a document which sets out guidance to Member States in preparation for the rollout of smart metering systems in Europe. Ian Stevens, Partner, and Odette Orlans, Lawyer at CMS Cameron McKenna LLP, analyse the privacy and data protection considerations raised in the process. / read more

The EU Cookie Law has come into force in various Member States, leaving European website operators wondering what their legal responsibilities are to users. Uncertainty has mainly emerged regarding the new obligation to obtain informed consent from users when placing certain types of cookies. The EU legislature has attempted to increase user awareness about cookies by ensuring that the user is provided with specific information about each cookie, maintains the right to refuse the use of that cookie, and in some cases, must consent to the use of a cookie before it is placed on his/her terminal equipment. Unfortunately, the EU legislature's attempt to establish user awareness about cookies through consent obligations has been overshadowed by confusion and frustration on the part of online businesses and local regulators. Julian Flamant, Policy Fellow at the Future of Privacy Forum, examines the issues at hand. / read more

About Data Protection Leader:

The monthly law publication which covers all aspects of data protection and data privacy. Topics covered include data transfers and outsourcing, data localisation and retention, the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, data security, marketing and behavioural advertising, consent, employee monitoring, privacy compliance, risk management, DPO responsibilities, accountability, Privacy by Design, acquisition and mergers, the Internet of Things, cloud computing and Big Data / read more

Search Publication Archives

Our publication archives contain all of our articles, dating back to 2004.
Canít find what you are looking for?
Try an Advanced Search

Log in to data protection leader
Subscribe to data protection leader
Register for a Free Trial to data protection leader
data protection leader Pricing

Social Media

Follow data protection leader on TwitterView data protection leader LinkedIn Profiledata protection leader RSS Feed