4 2 February 2007

News:

Data privacy and security are taking centre-stage in Congress as legislators propose bills aimed at cracking down on data breaches involving consumer personal data.

Data Protection Law & Policy is organising a ground breaking two-day European Data Protection Intensive, which will provide authoritative information from reliable advisors on the data protection rules and regulations in all 27 EU Member States, plus Jersey, Norway and Switzerland.

The UK's Financial Services Authority (FSA) fined Nationwide £980,000 pursuant to section 206 of the Financial Services and Markets Act (FSMA) 2000 for breaching Principle 3 ('reasonable care') of its Principles for Business.

Features:

In the UK, the government has been defending the benefits of data sharing within the public sector since the Performance and Innovation Unit of the Cabinet Office issued its influential report, Privacy and Data-Sharing, in 2002. At the time, the UK government pointed out that the ability to deliver high quality services in a cost-effective way for the taxpayer depended on the effective use of knowledge and information - including personal information about citizens. The government also recognised that the public sector should adopt the least intrusive approach to data sharing, and that citizens should have a greater say over the use of their personal information in the delivery of public services.

The Financial Services Authority's decision to fine Nationwide for failing to implement proper security procedures following the theft of a laptop highlights the dangers of inadequately tackling data breaches. Bridget Treacy and Lisa Sotto, partners in the global privacy practice at Hunton & Williams, examine the movement towards a data breach notification law in Europe, and explain lessons to be learned from the US' experience.

The UK government has a vision that public sector information will be shared to expand opportunities for the public benefit. Nigel Wildish, a partner at Field Fisher Waterhouse LLP, examines how current data protection law applies to the sharing of public sector information, highlights other legal issues that may need to be addressed if the government's plans are put into action, and suggests actions that could lead to progress towards public sector data sharing.

The battle against the illegal trade in personal data is not a new issue, with government proposals and amendments to legislation going back to 1972, when the findings of the Younger Committee were released. In this article, Francis Aldhouse, a consultant with Bird & Bird and former Deputy UK Information Commissioner, analyses section 55 of the Data Protection Act and the requirements to secure a conviction against instances of illegal data trading.

The government and an increased number of businesses based in the United Arab Emirates are setting up online, facilitated by improved internet access. Michael Day, of Trowers & Hamlins, highlights how the UAE's laws were ill-equipped to cope with the data protection challenges that this movement presented, and explains how recent new legislation has brought the UAE into line with European Union regulations and directives.

Despite being an early pioneer in telecommunications data surveillance, Ireland has also seen resistance to both domestic and European data retention laws on procedural and civil rights grounds. TJ McIntyre, barrister, lecturer in law at University College Dublin and chairman of Digital Rights Ireland, outlines recent developments.