4 10 October 2007

News:

International data protection authorities have called for the adoption of global standards in the use of passenger data at a meeting in Montreal.

The data protection and privacy challenges presented by the evolution of the internet, incorporating 'web 2.0' technologies, are to be addressed at 'Data Protection and the Developing Web', a full day briefing organised by Data Protection Law & Policy and Linklaters LLP on 20 November, in London.

The Information Commissioner's Office (ICO) described as 'worrying' its findings that just 57.1% of small to medium sized businesses (SMEs) are aware that personal information must be kept secure, in comparison with 70.5% of large businesses. Twenty-two percent of SMEs (1-200 employees) were aware that personal information must be kept accurate and up to date, in comparison to 57.5% of large businesses (201+ employees).

Features:

You know how the story goes. A couple of smart guys promise to make the finest new suit for an appearance-conscious emperor. But this will be a magic suit because the fabric is so special that it is invisible to anyone who is either stupid or not fit for their position. When the suit is made, the emperor can't see it. His servants can't see it. His people can't see it. However, no one is prepared to admit that and reveal their alleged stupidity. Only one child, unconcerned about other people's opinions is able to shout: "the emperor is not wearing any clothes!" Is data protection law's fabric magic or is it becoming invisible?

Ever increasing amounts of data can now be sent around the world with the click of a mouse and as companies internationalise their data processing activities, consumers, businesses and regulators face new challenges in ensuring individual privacy. Peter Fleischer, Global Privacy Counsel at Google, argues that data, as the most globalised and transportable commodity in the world, should be treated in the same way as other international trade commodities, and should be subject to global standards.

In the last article, Marcus Turle, Partner at Field Fisher Waterhouse LLP, looked at the means by which s.40 of the Freedom of Information Act 2000 ('FOIA') seeks to reconcile the conflicting relationship between freedom of information and data protection legislation. In this second article, he examines guidance available from the Information Commissioner and case law from the Information Tribunal on the interpretation and application of s.40 in practice.

A new long-term agreement on Passenger Name Records was agreed between the EU and the US at the end of June, and was a topic raised at the 29th International Conference of Data Protection and Privacy Commissioners in Canada. Catherine Erkelens and Peter Van de Velde, of Bird & Bird, examine the new agreement, its controversial points and assess whether EU support for the US' PNR requirements will lead to the US' reciprocal support for the EU's proposed PNR requirements.

Ahead of its co-hosting of the European football championships with Austria in 2008, Switzerland has enacted a federal law designed to protect the tournament from the dangers of hooliganism. Dr. Stephan Netzle, a partner with Wenger Plattner Zurich and a member of the Court of Arbitration for Sport, examines the new law's intentions and concerns raised by the Federal Data Protection and Information Commissioner (FDPIC).

With organisations increasingly outsourcing business functions to third parties, compliance with the Data Protection Act is vital to ensure success. In the second part of three articles which will examine the role and requirements of 'data processors' in such projects, Mark Gleeson and Cate Haywood of Addleshaw Goddard LLP explore how a data processor should deal with disclosure requests and data breaches during the term of a processing contract.