(Jul 2, 2015) Greetings from Brussels! I write amidst climbing temperatures this week in Brussels; we’re looking at a high of 38C over the weekend. For our North American readership, that equates to 100.4 F. The temperature is not the only thing going into overdrive; the news here is dominated by the Grexit question: Having defaulted on June 30 to the tune of a 1.6 billion-euro debt repayment to the IMF, the Greek government has now announced, without forewarning, a referendum vote on cash for reforms. Regar... Read More

Europe Data Protection Digest

WP29 Issues Drone Guidance

(Jul 2, 2015) The Article 29 Working Party (WP29) has adopted its Opinion on Privacy and Data Protection Issues Relating to the Utilisation of Drones, reports. The opinion states manufacturers of the burgeoning technology have a significant role to play in helping users understand the privacy implications of its use. Manufacturers should, for example, embrace Privacy by Design in the production of drones. “Data protection should be embedded within the entire life cycle of the technology,” the WP29... Read More

Europe Data Protection Digest

ICO Annual Report Discusses Increased Powers

(Jul 2, 2015) The Information Commissioner’s Office has released its annual report, and Information Commissioner Christopher Graham is reflecting on “the strengthening of his regulatory powers to show how the legislation continues to develop” toward greater data security as well as the impact of the now 10-year-old Freedom of Information Act. The Register reports that the total of fines issued by the ICO “has halved compared with last year—despite the watchdog receiving roughly the same number of compla... Read More

Europe Data Protection Digest

CNIL: 20 Websites Not Complying with Cookie Laws

(Jul 2, 2015) French Data Protection Authority the CNIL has told 20 websites they are failing to comply with EU cookie laws, The Register reports. The CNIL “this week put the websites on notice for not giving users enough information about how their activity is being tracked,” the report states, noting EU law requires websites to get “explicit informed consent before placing cookies on browsers,” and citing the CNIL’s 2013 guidelines information companies on how to comply with the law. “However, several spot-checks last year revealed that although some of the sites have a banner informing users that cookies will be placed on their computer, none of them waited for consent before doing so,” the report states. Read More

Europe Data Protection Digest

Officials Discuss Power of Big Data, Importance of Data Security

(Jul 2, 2015) Big data, if used correctly, can fuel innovation, German MEP Axel Ross and Former Secretary General of the CNIL Yann Padova argue in a report for EurActiv.  “The protection of our fundamental rights must remain at the centre of the Data Protection Regulation because it's the foundation of our European identity and common values,” the report states. When data is harvested, “fundamental rights” and the “innovation principle concerning companies' use of data” should be weighed in equal measure, the... Read More

Europe Data Protection Digest

Working Party Evaluating Draft Code of Conduct

(Jul 2, 2015) The Article 29 Working Party is examining a draft cloud computing code of conduct and could approve a final product by the end of summer, reports. “Representatives from Microsoft, Oracle and the Cloud Industry Forum are among those that have been involved in drafting the code,” the report states, adding that the initiative aims to “help potential cloud computing users assess whether a cloud provider complies with EU data protection rules and with their own data protection obligations.” The code will “also help cloud providers demonstrate that they comply with the data protection legal framework, particularly when providing cross-border services,” the report states. Read More

Europe Data Protection Digest

Parliament Nixes Banking Privacy After Bank’s Collapse

(Jul 2, 2015) A year after the collapse of Bulgaria’s fourth largest bank, the Parliament has abolished the country’s banking privacy laws, Reuters reports. Corporate Commercial Bank declared bankruptcy last June, costing the Bulgarian government approximately 3.6 billion levs. The action by Parliament will permit disclosure on accounts, deposits and loans of the bank’s clients, and allow AlixPartners, a forensics investigatory firm, to track and recover the bank’s assets. Last month, Bulgarian Prime Minister Boiko Borisov said all data pertaining to the bank should be publicized so that “everything comes to light.” Read More

Europe Data Protection Digest

Health Insurer Clarifies Stance on Facebook-Owned App

(Jul 2, 2015) BBC News reports on a new pledge from health insurer Vitality after public backlash from its use of a Facebook-owned health fitness app. Moves, the “always on” smartphone app, measures users’ health-related activities and locations visited. Vitality said it promoted the app to encourage healthier lifestyles for workers, but privacy groups said the insurer should be more clear and transparent about how data is collected and accessed. One Internet privacy academic said this could serve as a lesson for the broader health insurance industry. Health data, he said, “can be used against (employees) in many ways—from obvious things like health and life insurance premiums to less direct things like credit ratings and even potential employment decisions.” Read More

Europe Data Protection Digest

Police: IDPC Dropped the Ball on Breach Investigation

(Jul 2, 2015) After a confidential file on a Maltese police inspector was leaked to MaltaToday and resulted in the country’s Data Protection Commission (IDPC) fining the commissioner of police, the Malta Police Association (MPA) has called foul, MaltaToday reports, stating the IDPC didn’t do its due diligence in investigating the breach. “The IDPC implied that the leak took place under former Police Commissioner Peter Paul Zammit, who resigned in July 2014, but it did not seek the comment of either Zammit or Saviour Balzan, MaltaToday managing editor─who both denied that Zammit was the source of the leak,” the report continues. Read More

Europe Data Protection Digest

Bellamy and Heyder on Moving Beyond Consent

(Jul 2, 2015) Consent is a foundational aspect of information privacy, one upon which many data protection and privacy laws around the world are based, and one which provides a modicum of control to individuals. “But is consent really the best and only way in the modern Information Age to provide meaningful control and to protect the individual?” Bojana Bellamy, CIPP/E, and Markus Heyder, both of Hunton & Williams, ask in this post for Privacy Perspectives. In it, they argue that consent is not necessarily the “best or only way to empower individuals in this day” and provide three reasons and a host of complimentary tools organizations can use to broaden individual control and organizational accountability. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest