2 1 January 2005

News:

Leading data protection expert, Dr Chris Pounder, has attacked the government for using ‘coercion rather than co-operation’ to achieve data sharing through its identity card legislation.

The EU Commission approved on December 27 model terms for data transfer developed by a number of business organisations. The Commission decision is effective as from 1 April 2005, although it seems likely that many supervisory authorities will allow use of the terms before then.

Patients at an NHS hospital were mislaid for hours after hospital managers removed patients’ identification name boards for perceived non-compliance with the Data Protection Act. One consultant general surgeon, Lloyd Jenkinson, was so concerned, he published an article in the British Medical Journal to draw attention to the problem.

Features:

The regulatory limitations affecting international transfers of personal data have been a controversial issue since the early nineties. Even before the deadline for implementation of the 1995 Data Protection Directive kicked in, businesses across the EU struggled to find a way to accommodate their normal data sharing and communication practices to the impending legislation. In response to these concerns, the International Chamber of Commerce and the Confederation of British Industry took the lead and started working on some kind of contractual solution to the problem.

On 27 December 2004, the EU Commission approved model terms for data transfer developed by a number of business organisations. ( See here ). The Commission decision is effective as from 1st April 2005, although it seems likely that many supervisory authorities will allow use of the terms before then. Ruth Boardman, partner at Bird & Bird, explains the structure of the new terms.

The Article 29 Working Party is keen to make demonstrable progress in improving data protection compliance within Member States. Elizabeth McSweeney of Field Fisher Waterhouse reveals the Working Party’s proactive new views on enforcement.

Valerie Taylor, Information Consultant at Privacy Solutions Ltd gives us her predictions for the coming year, including a slow start for FOI and an increase in security glitches as use of wireless technology increases. She also looks forward to clarification at an EU level of some of the issues raised in the Durant case.

In this article, Dr. Chris Pounder of Pinsent Masons explains his own personal take on the Government’s proposals. He criticises the Government for using coercion rather than co-operation to achieve data sharing through it’s identity card legislation.

Multi-application smart cards are becoming more and more common. In order to benefit from the opportunities offered by multi-application smart card schemes, e.g., the generation of value-added information, authorities at different tiers are considering implementing local and national smart card schemes. However, from a privacy point of view, the use of such “universal” cards, incorporating various applications, e.g., financial, e-ID1, public transport, leisure, loyalty schemes, etc., is not without concerns.