DPI16_Banner_300x250 WITH COPY

(Feb 11, 2016) Greetings from Brussels! The proposed U.K. spying law, aka the Snooper’s Charter, is again the subject of controversy. According to the Intelligence and Security Committee of the Parliament, one of several bodies scrutinizing the proposed bill, the law doesn’t offer enough privacy protection and gives intelligence agencies too much bulk access to personal information. In a fairly damning comment on Tuesday, the committee stated that the current draft appeared to have suffered from a "lack of s... Read More

Europe Data Protection Digest

WP29 lays out 2016 action plan for GDPR implementation

(Feb 11, 2016) Last week, the Article 29 Working Party shared its preliminary assessment of the proposed EU-U.S. Privacy Shield agreement. Lost amid this anticipation, however, was an equally significant announcement from the regulatory collective’s head, Isabelle Falque-Pierrotin, regarding the group’s action plan for the implementation of the General Data Protection Regulation. In this report for The Privacy Advisor, Jedidiah Bracy, CIPP/E, CIPP/US, shares commentary from Falque-Pierrotin during last week’s presser and looks into Thursday’s official release by the WP29 of its four action-plan items, which include the establishment of a European Data Protection Board, preparation for a one-stop shop and consistency mechanism, guidance for controllers and processors, and the creation of an online communication tool around the EDPB and GDPR. Read More

Europe Data Protection Digest

CPOs can expect ‘big shift’ in duties under GDPR

(Feb 11, 2016) The General Data Protection Regulation’s forthcoming requirements will modify and “enhance” the roles of a company’s data controllers and chief data privacy officers, warns DLA Piper’s JP Buckley at a recent Computing webinar on the subject. "There's a new requirement to appoint data privacy officers. That's a title that has traditionally been quite an administrative role,” said Buckley in the Computing report. “It's now going to be a role that reports directly to the highest level of management and is involved in decisions around where data is being used and how. That's a really significant shift,” he continued. However, the GPDR’s “harmonization” of privacy laws across the EU “will actually make business more effective and easier to run," Buckley added. Read More

Europe Data Protection Digest

Consumer rights group accuses dating app of surreptitious data sharing

(Feb 11, 2016) In a formal complaint to the CNIL, consumer rights advocacy group UFC-Que Choisir maintained that dating app Happn was sending user data to American-based third party organizations without user consent, Telecompaper reports. The data transfer would occur even after the app was deleted, the report states. “We transfer data to no one,” beyond the data shared within the app, said Happn co-founder Didier Rappaport. (Registration may be required to access this story.) Read More

Europe Data Protection Digest

‘Weird science’ using data to up cyber finance’s game

(Feb 11, 2016) Businesses in the financial industry are employing everything from geolocation software to “3-D facial imaging coupled with artificial intelligence algorithms” and online data collection to bring banking into the 21st century, The Telegraph reports. “Payments, banking, pensions and investments are being shaken up by the ‘geek squad,’” the report states. “Old, established brands such as Aviva now have spinoffs called things like Digital Garage, and last year the regulator received 39 requests for... Read More

Europe Data Protection Digest

Intelligence and Security Committee unimpressed with draft investigatory powers bill

(Feb 11, 2016) Two days abreast of a final parliamentary report, the Intelligence and Security Committee’s own review of the Investigatory Powers Bill found that the draft legislation lacks clarity and transparency, the Guardian reports. “Given the background to the draft bill and the public concern over the allegations made by Edward Snowden in 2013, it is surprising that the protection of people’s privacy — which is enshrined in other legislation — does not feature more prominently,” the committee said. The committee recommended that legislators work to address with greater clarity the issues of “equipment interference, bulk personal datasets and communications data,” the report adds. Read More

Europe Data Protection Digest

European Commission uses studies to gauge smart car privacy issues

(Feb 11, 2016) In an effort to better understand the privacy and cybersecurity risks that come with smart cars, the European Commission appointed a collection of multi stakeholder groups to conduct various studies on the subject, Hogan Lovells reports. In December 2015, C-ITS Working Group 6 studied different ways smart car-gleaned data could be appropriately viewed, with the agency ultimately finding “three technical solutions for data sharing platforms,” such as an in-car “external data server platform,” the... Read More

Europe Data Protection Digest

Dutch draft law could expand police hacking powers

(Feb 11, 2016) Privacy advocates and members of Parliament have taken umbrage with a draft Dutch legislation that expands police hacking ability, DutchNews reports. “We are extremely critical,” said privacy group Autoriteit Persoonsgegevens’ Jacob Kohnstamm. “It will not be in the police’s interest to make software less vulnerable,” one MP said, citing a D66 discovery that “police will have to use weaknesses in software to break in,” the report states. “If we hack, we can keep them [family members] out of it,” said police spokeswoman Inge Philips, firing back at critics. “It is extremely unlikely that the police will start nosing around in the computers of innocent people, she added. “That is not what we want.” Read More

Europe Data Protection Digest

Privacy Bar Section of the IAPP unveiled

(Feb 11, 2016) The IAPP formally announced on Wednesday the Privacy Bar Section of the IAPP, a group geared toward administering to the distinct needs of those in the privacy-oriented legal profession, The Privacy Advisor reports. Of the IAPP’s more than 25,000 members, “we know more than 40 percent are lawyers,” said IAPP President and CEO J. Trevor Hughes, CIPP, “and these lawyers need services.” The bar aims to be a place for privacy-focused legal professionals and academics to come together to both discuss... Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

House passed Judicial Redress Act

(Feb 11, 2016) After passing in the Senate and Wednesday, the House, the Senate version of the Judicial Redress Act’s next stop is with President Obama for executive approval, Broadcasting & Cable reports. The legislation aims to protect the privacy of European data that comes into the U.S., and is considered an integral part in furthering EU-U.S Privacy Shield discussions. “By allowing citizens of European nations and other designated U.S. allies procedural privacy protections similar to those offered to ... Read More

Daily Dashboard, Europe Data Protection Digest