(Apr 28, 2016) Greetings from Brussels! You may know this, but for the sake of laying groundwork: On 23 June 2016, the United Kingdom will hold a referendum — known as Brexit — about its continued membership in the European Union (EU). The question being posed is, "Should the United Kingdom remain a member of the European Union or leave the European Union?" The referendum is a simple in/out vote. No full Member State has ever left the EU and so the practicalities and overall impact surrounding a possible Brex... Read More

Europe Data Protection Digest

DPA: Individuals must be notified of unauthorized data disclosures

(Apr 28, 2016) Following a string of cases involving the unauthorized disclosure of personal health data, the Norwegian Data Protection Authority will now require companies to alert individuals who have had personal data disclosed without consent, Bloomberg BNA reports. Norwegian law never specified whether people had the right to be notified of data breaches, but the health data incidents heard by Norway’s Privacy Appeals Board brought the new practices to life. While the country has regulations to disclose privacy breaches, they did not have any ruling on what happens when the information has been sent to an unauthorized party. DPA Senior Advisor Eirin Oda Lauvset said, “Neither of the provisions alone provides the data subject with a clear right to be informed if his or her information has been disclosed to someone who is unauthorized.” Read More

Europe Data Protection Digest

Head of German spy agency stepping down

(Apr 28, 2016) In a surprising announcement, Gerhard Schindler, the head of the BND foreign intelligence agency, declared he will step down two years earlier than expected, Reuters reports. Schindler was originally going to retire in 2018, but instead will be replaced by Bruno Kahl, an official in the finance ministry, 1 July. Schindler, who held the position since 2012, did not give a reason for his departure. Peter Altmaier, the chief of staff for Chancellor Angela Merkel, said the BND faces big tests in the immediate future. "These include the evolution of its mission in light of shifting security challenges, the upgrading of the agency on the technical and personnel front, organizational and legal consequences arising from the parliamentary investigation into the NSA and the move of large parts of the BND from Pullach to Berlin," Altmaier said. Read More

Europe Data Protection Digest

Civil rights group releases video satirizing Investigatory Powers Bill

(Apr 28, 2016) Liberty, a civil rights campaign charity, released a video lampooning the potential surveillance powers the British government could possess if the Investigatory Powers Bill is passed, The Huffington Post reports. In “Show Me Yours,” comedian Olivia Lee approaches random citizens, browbeating them into showing personal information on their phones. Lee is met by a series of irritated individuals, highlighting Liberty’s opposition to the bill Home Secretary Theresa May is looking to pass and how c... Read More

Europe Data Protection Digest

Former HSBC employee suing for unfair dismissal after data breach

(Apr 28, 2016) A former HSBC Holdings employee is suing the company for unfair dismissal after he was fired for sending client data to his personal email address, Bloomberg reports. Ben Lazimy sent a 1,400-page spreadsheet containing every equity transaction the bank processed in 2010, including information on client names and margins, HSBC lawyer Clarisse Lebigot said. Jamila El Berry, Lazimy’s lawyer, said no breach of professional secrecy was committed, as the document was never seen by another party. The spreadsheet could be accessed by nearly everyone in the building, and police found the attachment “was damaged and unusable.” HSBC suffered a similar incident when another former employee took client data to show its Geneva private banking unit was aiding foreign clients dodge taxes. Read More

Europe Data Protection Digest

Denham approved as next UK Information Commissioner

(Apr 28, 2016) The U.K. will have a new data protection authority this summer after the Parliament’s Culture, Media and Sport Committee formally approved Elizabeth Denham as the next Information Commissioner. Denham, who currently serves as British Columbia’s Information and Privacy Commissioner, will replace Christopher Graham when his term is up this summer. Denham faced questions from the committee during a hearing Wednesday, answering questions on the GDPR, fining powers and much more. Jedidiah Bracy, CIPP/E, CIPP/US, reports on the details for The Privacy Advisor. Read More

Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Opinion: The UN should lead the world in privacy

(Apr 28, 2016) “While the protection of privacy constitutes by now a global concern, new technologies or methods of processing … may easily drive to despair any legislator who attempts to apply local jurisdiction approaches on personal data processing that … treats national borders as irrelevant,” write professor Paul De Hert and Vagelis Papakonstantinou. “Quite contrary to what is urgently needed,” they continue, “an entrenchment attitude may be identified even in data protection models devised today.” For ex... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

CA commish funds next step in big data ethics project

(Apr 27, 2016) Among the 10 privacy research projects awarded as much as $50,000 CND by Canada’s Office of the Privacy Commissioner this week is a project many privacy pros have likely already glimpsed a piece of: The Information Accountability Foundation’s Big Data Ethics Initiative. Two and a half years in the making already, the effort has been building toward a framework that organizations can use to make ethical decisions about the use of data that goes beyond what those organizations might have explicit consent for. The IAPP’s Sam Pfeifle talks with the IAF’s Marty Abrams for The Privacy Advisor about why this initiative in Canada will have global implications and usefulness, and why consent is an imperfect model. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Former DARPA director: Stop with the backdoors

(Apr 27, 2016) The U.S. government’s argument for backdoors into encrypted devices has received a fresh blow as another of its own former top brass has come out against the idea. Kaigham “Ken” Gabriel, former acting director of the Defense Advanced Research Projects Agency, the military’s top-secret, high-tech operation responsible for inventing the forerunner to the Internet, told the IAPP’s Jennifer Baker in a recent interview for The Privacy Advisor that he was strongly in favor of personal privacy even in the face of other interests: "Personal privacy is paramount,” he said. “The reality is, we as countries and companies have had the technology to effectively encrypt things to the point where even nation states can’t necessarily decrypt them for some time now. I actually think that in general, that is a good thing.” Read More

Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Commission to scrutinize US tech platforms, backs sharing ‘by default’

(Apr 27, 2016) In two related reports from EurActiv, the European Commission, on one hand, aims to propose new rules regulating online platforms, and, on the other, backs an initiative to open data flows “by default.” A leaked draft communication of the proposed regulations reveals the Commission’s definition of online platform as consisting of “direct interactions between users via online systems […] that capitalize on data-driven efficiencies enabled by network effects.” While Netflix would not be covered by... Read More

Daily Dashboard, Europe Data Protection Digest