The European influence on privacy law and practice Nigel Waters, Pacific Privacy Consulting International Dimension of E-commerce and Cyberspace Regulation.

Slides:



Advertisements
Similar presentations
EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.
Advertisements

Ex-ante Impact Assessment Unit Directorate for Impact Assessment and European Added Value 9 October 2013.
1 Enforcement Powers of National Data Protection Authorities and Experience gained of the Data Protection Directive Safe Harbour Conference Washington.
Data Protection Billy Hawkes Data Protection Commissioner Irish Human Rights Commission 20 November 2010.
International Privacy Laws Ashley Michele Green Sensitive Information in a Wired World October 30, 2003.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
The Geopolitics of Personal Data and the Governance of Privacy Colin J. Bennett Department of Political Science University of Victoria BC, Canada
Data Protection and Records Management
Managing Personal Information - Australian Companies Outsourcing to India and the Philippines Professor Margaret Jackson and Marita Shelly.
Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
EU: Bilateral Agreements of Member States
EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.
Privacy in Ontario Brian Beamish Office of the Information and Privacy Commissioner/Ontario Presentation to Security Canada Central 2002 International.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
A European View of Privacy Protection John Woulds Director of Operations UK Data Protection Commissioner National Conference on Privacy, Technology & Criminal.
The U.S.-E.U. Safe Harbor Framework The U.S.-E.U. Safe Harbor Framework New Developments in Data Flows, Standards, & Compliance Damon Greer U.S. Department.
Transborder dataflows Flow of information across national borders Much of this data involves personal information.
Anomalous Aspects of Transfer of Personal Data from the E.U. to the U.S. Stephen R. Bell Willkie Farr & Gallagher ABA Section of International Law New.
Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Data Protection: The Law. EU & Irish Legislation Data Protection Directive 95/46/EC Electronic Privacy Directive 2002/58/EC EUROPOL etc Data Protection.
Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.
Class 13 Internet Privacy Law European Privacy.
THE CHOICES WE MAKE THAT MATTER – International Data Privacy/Protection JILL L. UREY, ASSISTANT GENERAL COUNSEL MID-ATLANTIC CIO FORUM NOVEMBER 20, 2014.
Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005
European Ombudsman Access to environmental information Task Force on Access to Information Geneva, 4 December 2014.
European Commission Taxation and Customs Union Brussels, 10 November Taxation of International Artistes and Community Law European Commission
WFII’s activities in the interest of insurance intermediaries Nic De Maesschalck Director WFII Deputy Director BIPAR.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
European Standards on Confidentiality and Privacy in Healthcare Dr Colin M Harper Division of Psychiatry & Neuroscience Queen’s University.
Unsolicited Commercial Meeting of Oftel Internet Forum 22 July 1999 EU Distance Selling Directive provisions on unsolicited .
Data Protection Compliance Professor Ian Walden Institute of Computer and Communications Law, Centre for Commercial Law Studies, Queen Mary, University.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.
European Data Protection Supervisor Pharmaceutical Regulatory & Compliance Congress, Brussels, 7 June 2007 European Privacy and Data Protection Policy.
WHOIS data The EU legal principles ICANN - GNSO meeting 2 March 2004 George Papapavlou, European Commission ICANN - GNSO meeting 2 March 2004 George Papapavlou,
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
June 1, st Asia Pacific Privacy Authorities (APPA) Forum – PHAEDRA Workshop Nr. 3: The EU Data Protection Regulation and regional perspectives.
Eurostat ESTP course on International Trade in Goods Statistics April 2013 Point 2 of the agenda Legal framework for EU trade statistics.
The European SEA Directive Simon Marsden School of International Business, University of South Australia Module 1: Basics of SEA.
APEC vs APT?: The struggle for regional privacy standards Graham Greenleaf ‘Terrorists & Watchdogs’ Conference, 8 September 2003.
DG Information Society The EU and Data Retention Data Retention Meeting London, 14 May 2003 Philippe GERARD, DG Information Society The positions.
INTRODUCTION TO DATA PROTECTION An overview of the Irish Data Protection legislation.
DR ANDREA MULLIGAN BARRISTER-AT-LAW LLB, LLM(HARV.), PH.D Safe Harbor and Schrems v DPC.
1 Agencia Española de Protección de Datos The Use of Contracts and BCRs to Transfer Personal Data The European Union – United States Safe Harbor framework:
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
Data protection—training materials [Name and details of speaker]
Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 31 – Common Foreign, Security and.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 31 – Common Foreign and Security Policy.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.
Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.
Data Protection Officer’s Overview of the GDPR
Surveillance around the world
Data Protection: The Law
EU law and the legislative procedure of European Union
Data Protection: EU & International
PRESENTATION OF MONTENEGRO
Information Governance and Data Privacy: A World of Risk
Protection of Personal Information Bill: An International Perspective
GDPR Overview and Use Cases.
Data transfers to non-EU countries under the new GDPR
The activity of Art. 29. Working Party György Halmos
GDPR & Accountability ISACA Ireland Annual Conference 2018
Culture Statistics: policy needs
The EDPS: competences and processing of personal data in EU funds
PRESENTATION OF MONTENEGRO
Financial Reporting Policy
EU Data Protection Legislation
Presentation transcript:

The European influence on privacy law and practice Nigel Waters, Pacific Privacy Consulting International Dimension of E-commerce and Cyberspace Regulation Conference, 25 October 2002

Pacific Privacy Consulting 2 Trans-national institutions European Union –15 member states – expansion in 2004 Council of Europe –44 member states + other observer countries OECD –30 members – Europe + N. America, Australasia, Japan & Korea

Pacific Privacy Consulting 3 Council of Europe European Convention on Human Rights 1950 Article 8 – privacy 1981 Convention on data protection Recommendations – working parties Case law – European Court of Human Rights Other relevant work –Cybercrime Convention

Pacific Privacy Consulting 4 European Union General data protection (privacy) law Telecommunications privacy law Other relevant law Areas outside jurisdiction –Public security –Defence –State security –Criminal law

Pacific Privacy Consulting 5 EU General Privacy Directive Developed early 1990’s Adopted 1995 (95/46/EC) Deadline for compliance 1998 Action to enforce compliance 3 states still not fully compliant –Ireland –Luxembourg –France

Pacific Privacy Consulting 6 EU General Privacy Directive Currently under review Public consultation July 2002 –Submissions on web site Conference Sept/Oct 2002 Report by end of 2002? Won’t necessarily lead to change in the law – focus on compliance and implementation

Pacific Privacy Consulting 7 EU General Privacy Directive Template for national laws Protection for data about EU citizens/residents when data is exported Articles 25 & 26 – limit transfer unless certain criteria are met –Adequate law or code (A.25) –Consent, fulfilment of contracts, legal proceedings, emergencies (A.26.1) –Case by case arragments (contract or MoU)

Pacific Privacy Consulting 8 Adequacy assessment Proposal from Commission bureaucracy Opinion from A.29 Committee of DP regulators Opinion from A.31 committee of national government representatives Scrutiny by European Parliament Commission Decision

Pacific Privacy Consulting 9 Adequacy assessment Decisions to date –Switzerland (law) –Hungary (law) –Canada (law) –USA (US Department of Commerce Safe harbor Privacy Principles) Discussions with others including Australia

Pacific Privacy Consulting 10 Australia – adequacy? EU criticisms: –wide exemptions for small businesses, employee data and publicly available information –breadth of the ‘authorized by law’ exception to several principles –tolerance of notice of purpose being given after the time of collection

Pacific Privacy Consulting 11 Australia – adequacy? EU criticisms continued: –lack of a requirement for an opt-out choice where data is used for the primary purpose of direct marketing –absence of additional controls over the use and disclosure of sensitive data –lack of correction rights or rights under NPP 9 for most EU citizens, and –absence of a role for the Privacy Commissioner in advising on adequacy under NPP9

Pacific Privacy Consulting 12 Influence on Australian privacy laws Onward transfer principles Potential disruption of common data exchanges Commissioners reluctant to enforce Role for Codes of Practice –Internet Industry Association draft “EU compliant’ Code

Pacific Privacy Consulting 13 Telecommunications Privacy Telecommunications Privacy Directive adopted 1997 (97/66/EC), compliance required by Set standards for: –authorisation for interception (Article 5) –access to traffic data (A.6 ) –itemised billing (A.7) –calling line identification (art 8) –personal information in directories (A.11) –unsolicited calls (Art 12).

Pacific Privacy Consulting 14 Telecommunications Privacy Influence on Australian regulation –Telecommunications Act 1997, Part 13 –Telecommunications (Interception) Act 1979 –ACIF Codes of Practice: Customer Personal Information Calling Number Display Integrated Public Number Database

Pacific Privacy Consulting 15 Telecommunications Privacy Electronic Communications Privacy Directive adopted 2002 (2002/58/EC), compliance required by October Main changes: –Broadens scope beyond telephony –More privacy protective on: unsolicited s, SMS and faxes, (opt-in basis with prior consent) cookies, explained to customers, with a right to decline them use of mobile phone location data - right to ‘block’ it prior consent to inclusion in public directories –Less privacy protective on retention of traffic data

Pacific Privacy Consulting 16 Other Directives Many have privacy implications No systematic privacy impact assessment New supervisory authority being established Proposed Directive on re-use and commercial exploitation of public sector information –Parallel debate in Australia – public register principles in NSW & Victorian Acts + consultations

Pacific Privacy Consulting 17 Other EU Activity ECHELON – communications interception by UKUSA alliance Investigative journalism in 1990’s European Parliament Inquiry – reported 2001 Negotiations between EU and UKUSA countries Caught up in anti-terrorism response

Pacific Privacy Consulting 18 Other International work OECD – Europe + other developed countries –Pioneer – 1981 Privacy Guidelines & Principles – foundation of most privacy laws –IT Security Guidelines 1992, 2002 –Cryptography Policy Guidelines 1997 –Privacy Statement Generator

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.