(Oct 2, 2015) There has been no shortage of opinions and concerns about the future of the EU-U.S. Safe Harbor framework, especially after last week’s opinion from European Court of Justice (ECJ) Advocate General Yves Bot. With an ECJ decision on the matter expected next Tuesday, October 6, former General Counsel and Acting Secretary of the U.S. Department of Commerce and current Sidley Austin Senior Counsel Cam Kerry says the final decision “raises the prospect of a swift ‘one-two punch’” to the agreement. “Nevertheless,” he writes, “the Bot opinion provides a path forward for the European Commission and the U.S. based on their ongoing negotiations for reform of the agreement.” In this post for Privacy Perspectives, Kerry dives deep into the opinion and offers up his view on the potential consequences about this significant and developing case. Read More

Daily Dashboard, Europe Data Protection Digest

Notes from the IAPP Europe Managing Director, October 2, 2015

(Oct 1, 2015) Greetings from Brussels! This week’s news sees the continuation of the transatlantic Safe Harbor debate. On Monday, the U.S. Mission to the European Union expressed alarm and was critical of Advocate General Yves Bot's opinion handed down last week. In a statement, the mission said it was concerned about damage to trade and privacy in Europe and the U.S. and so urged the European Court of Justice (ECJ), which if you recall usually follows its advocate general's advice, to reach different conclu... Read More

Europe Data Protection Digest

ECJ Issues Weltimmo Decision

(Oct 1, 2015) Denis Kelleher examines the European Court of Justice (ECJ) decision this week in Weltimmo. In the case, the ECJ was “asked to consider what jurisdiction the Hungarian Data Protection Supervisor might have over a website in Slovakia,” Kelleher wrote when the Advocate General’s opinion on the case was issued this summer. In this report for The Privacy Advisor, Kelleher writes that "while it is not yet clear what precise impact this judgment will have upon the trilogue negotiations," the court's "clear analysis of the jurisdiction and responsibilities of different data protection authorities must be of assistance and hopefully will enable the EU to bring those negotiations to a close." Read More

Europe Data Protection Digest

EDPS: PNR’s Existence Isn’t Justified

(Oct 1, 2015) European Data Protection Supervisor (EDPS) Giovanni Buttarelli has published his opinion on the proposed Passenger Name Records (PNR) initiative, arguing there is "a lack of information to justify the necessity" of the move and stating it “raises serious transparency and proportionality issues, and … might lead to a move towards a surveillance society,” reports. PNR could include “home addresses, mobile phone numbers, frequent flyer information, email addresses and credit card detail... Read More

Europe Data Protection Digest

Study: Keeping Up with Data Protection Rules Is Financial Burden

(Oct 1, 2015) A Vanson Bourne survey for software agency Ipswitch found that 68 percent of respondents believe staying abreast of data protection requirements is a “financial burden,” Tech Week Europe reports. “Whilst IT professionals recognise the need to align data protection regulation to keep up with modern data-sharing practices and the globalisation of data, it is clear that compliance comes at a price for most,” said Ipswitch’s David Juitt in a statement. Meanwhile, Sachiko Scheuing, CIPP/E, tells Comp... Read More

Europe Data Protection Digest

Charities Concerned About New Rules

(Oct 1, 2015) Some in the philanthropic sector argue that the Institute of Fundraising’s (IoF) more stringent attitudes regarding the sharing of charity donor data could impact smaller charities’ ability to communicate with donors, Third Sector reports. “I think that this has a much larger impact than the EU rules, which might change,” said DM Focus’s Adrian Williams. "Many charities purchase data, so this announcement will have big consequences for them.” The IoF, however, said “sharing data where the indivi... Read More

Europe Data Protection Digest

ICYMI: Some Highlights from P. S. R.

(Oct 1, 2015) What a week it was at the Bellagio in Las Vegas, NV, as privacy pros from across the globe gathered for Privacy. Security. Risk. In case you missed the IAPP Publication Team’s live coverage from the event, here’s a roundup of just some of the highlights. Acxiom’s Jordan Abbott didn't mince words when he opened the preconference session “Vendor Compliance: Drowning In a Sea of Vendors," telling attendees: "Bottom line you're going to take away from this program is: vendors are a problem.” The pre... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Europe Data Protection Digest

The Privacy Consequences of Ad Blockers

(Oct 1, 2015) The rise in ad-blocking technology and its increased adoption by consumers has flooded the headlines of late, bringing up debates around what this will ultimately mean for the Internet. However, ad-blocking technology can also block cookie notices, something required by EU law. “It now appears that some ad blockers, acting under a banner of privacy, are achieving exactly the opposite by removing consumer visibility into the tracking that’s taking place and consumers’ ability to chose which cookies and trackers they want to accept,” writes TRUSTe Global Communications Director Eleanor Treharne-Jones, CIPP/E. In this post for Privacy Perspectives, Treharne-Jones discusses the privacy implications of this rising trend. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Amnesty International to France: Reject Global Mass Surveillance Law

(Oct 1, 2015) Amnesty International has published a report urging the French National Assembly to reject a law giving “carte blanche” ability for mass surveillance on a global scale. The National Assembly is scheduled to take up the bill, which “revives efforts previously struck down by the Constitutional Council in its review of the 24 July 2015 French Surveillance Bill,” this week, the report states. “Under this new law, almost all Internet communications will be considered fair game by the French authorities, without any form of meaningful checks and balance,” said Amnesty International’s Sherif Elsayed-Ali, adding, “Allowing for such extensive, intrusive and indiscriminate mass surveillance is a flagrant violation of people’s right to privacy and freedom of speech.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

New Data Breach Guidance from PCI SSC

(Oct 1, 2015) The Payment Card Industry Security Standards Council (PCI SSC) has published guidance for organizations to handle data breaches effectively and with minimal financial consequence, reports. "Prevention, detection and response are always going to be the three legs of data protection," said Stephen W. Orfei, PCI SSC general manager. “Better detection will certainly improve response time and the ability to mitigate attacks, but managing the impact and damage of compromise comes down to p... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest