3 5 May 2006

News:

The UK Information Commissioner has called on the Government to introduce prison sentences for people convicted of obtaining personal data through deception, prohibited under section 55 of the 1998 Data Protection Act (DPA). The maximum penalties currently available to the courts for Section 55 offences are unlimited fines in the Crown Court or a £5,000 fine in a Magistrates Court.

Data Protection Law & Policy is organising a half day Briefing 'Data Protection and Employment Law', on Monday 19 June, focussing on best practice methods for organisations in dealing with employees and their data.

Major US companies, including Microsoft and IBM, are backing 'best practice' rules for the use of Radio Frequency Identification (RFID), which the Centre for Democracy & Technology (CDT) launched on 1 May.

Features:

The UK Information Commissioner has given the clearest indication yet that - like some of his European counterparts and US regulators - he can also be tough. In fact, he is getting so tough that he is calling for prison sentences of up to two years for the illegal buying and selling of personal information.

The Information Commissioner's Office has recently released guidance for small and mediumsized companies to address the challenges they face when transferring personal data in an outsourcing deal. Bridget Treacy, partner at Barlow Lyde & Gilbert, examines the guidance.

With the recognition by regulators that enforcement actions play an important role in ensuring organisations comply with their data protection obligations, the UK ICO has implemented a policy which prioritises enforcement action. Francis Aldhouse, a consultant with Bird & Bird, explains the developments

The European Commission has recognised RFID as a technology 'that has great potential for many economic operators in Europe'. It has recently launched a series of consultations with industry, governments and public interest groups to address the benefits and challenges of the technology. Angela Kindness, an associate at Eversheds LLP, looks at the latest developments.

The recent court order requiring Google to hand over search data to the US Department of Justice raised concerns that rights to privacy are being eroded. Phil Lee, a solicitor at Denton Wilde Sapte, examines the case and assesses whether this could happen in the UK.

Wi-Max technology promises to revolutionise internet access for business and the home by providing users with cost-effective remote access and enhanced performance. However, concerns exist over the security and privacy protections available to users. Daniel Cooper and Shamma Iqbal of Covington & Burling examine the issues.

Security breaches involving the unauthorized access and theft of electronically stored personal information are on the rise. More than 150 significant data breach incidents were reported in the United States in 2005 alone, potentially affecting more than 57 million individuals. In reaction to the growing trend in personal information and identity theft, New York has enacted the Information Security Breach and Notification Act ("Act"), which became law on 8 December 2005.