1 8 September 2004

News:

The UK Government along with other EU governments has a deadline of July 2005 to introduce legislation implementing the Directive on the re-use of public information.

The Information Commissioner is expected to reject a challenge to the legality of data transfer to India by Lloyds TSB which the Lloyds TSB Group Union (LTU) is hoping would block the move of nine hundred and sixty call centre jobs from Newcastle to India.

The President’s Board on Safeguarding Americans’ Civil Liberties set up on the recommendation of the 9/11 Commission has been attacked by US civil liberties groups.

Features:

After a period of calm, and even optimism, recent developments have timely reminded us of one of the toughest nuts to crack of the 1995 data protection directive: the limitations affecting international transfers of data. During the pre-implementation of the directive in the UK, the issue of international transfers - or dataflows, as the Americans call them - became a top concern for any UK organisation doing business overseas which bothered to think about data protection. However, over the years, a lenient enforcement culture and a cautious-but-sensible attitude towards this issue have allowed us to think of it as a perfectly manageable matter.

Directive 2003/98/EC on the re-use of public sector information must be implemented by July 2005. This article examines the scope of the obligations on public bodies under the Directive, but concludes that the impact will very much depend on the manner in which the Directive is adopted - which remains far from certain.

On June 21, 2004, the French “Law on Confidence in the Digital Economy” was adopted1. That law contains stringent new provisions on marketing emails, as mandated by the 2002 EU Directive on Electronic Communications and Privacy2. On July 15, 2004, the French Law on Data Protection (which dates back to 1978) was radically amended in order to bring it in line with the requirements of the 1995 EU Data Protection Directive3. Both of these legislative changes directly impact companies doing business in France.

Jersey is within the British isles but outside the United Kingdom and the European Economic Area. This article looks at legislation designed to facilitate the free movement of data to Jersey.

Looking at the international experience of using identity cards, this article comprises the remaining part of the Information Commissioner’s Office memorandum submitted to the Parliamentary Home Affairs Committee inquiry into identify cards, reviewing the approaches in France, Italy and Sweden.

This article continues last month’s in-depth examination of data protection legislation, starting with the divergent approaches to implementing Articles 25 and 26, and examining differences in core definitions, concluding that these differences mean greater costs for pan-European businesses and greater frustration in achieving compliance.