3 9 September 2006

News:

The European Commission has recently published proposals for a law change that would require telecoms companies to notify regulators and their customers of any breaches of their data security.

The release of an Information Sharing Vision Statement (ISVS) by the Department of Constitutional Affairs, detailing plans for information sharing between public services, again highlighted plans to share information from the public sector with the private sector.

Social networking website, Xanga.com, has agreed to pay a $1 million civil penalty following a complaint by the US Federal Trade Commission (FTC) for allegedly violating the Children's Online Privacy Protection Act (COPPA).

Features:

Judging by the amount of e-mails on this topic circulating at the moment, there seems to be a growing need out there for individuals who are prepared to take responsibility for the management of privacy rights and data protection compliance within an organisation - what we have traditionally called data protection managers and in America are known as chief privacy officers.

In response to the Information Commissioner's report, What Price Privacy?, the Department for Constitutional Affairs has published a consultation paper on the proposed custodial penalties for the misuse of personal data. In this article, Baroness Ashton of Upholland, from the Department for Constitutional Affairs, explains what the proposed changes will mean in practice and highlights the benefits to data sharing that the proposals will bring.

As well as raising concerns that the use of Electronic Product Codes, such as RFID, has the potential to violate human dignity and data protection rights, the Article 29 Data Protection Working Party has provided guidance on how the technology should be used. Robert Bond, a partner at Faegre & Benson LLP, examines possible future developments in this area in the EU and internationally.

Franchisee Grow With Us argued that although a contract required it to supply franchisor Green Thumb (UK) Ltd with electronic customer data, to have supplied that data would be a breach of the DPA. Bridget Treacey, a partner with Barlow Lyde & Gilbert, details how the case highlights a misconception: that it is the responsibility of the franchisor to show that such a transfer would not infringe the DPA.

In a recent decision, the Court of Appeal has issued valuable guidance on the position of financial institutions required to transfer funds, when they suspect that to do so, may implicate them under the Proceeds of Crime Act. Anthony Riem and Vasco de Oliveira of Philippsohn Crawfords Berwald Solicitors examine the case.

The International Chamber of Commerce has proposed a standard application form for the approval of "binding corporate rules" as a modest step forward in multinational corporate groups' seemingly endless search for compliance with EU restrictions on data transfer. Richard Jones of Clifford Chance assesses how far there still may be to go.

Growing sophistication and mainstream adoption of new media advertising is likely to raise novel issues in relation to old data protection problems. In this article, Simon Briskman, a partner at Field Fisher Waterhouse, examines common issues surrounding online data capture for advertising purposes in Europe.

A recent Court of Appeal criminal case has been widely welcomed for not following the narrow definition of 'personal data' in the Durant judgment. Ruth Boardman and Rhian Ap Dewi of Bird & Bird, examine the judgment and explain why the case did not consider Durant.