4 9 September 2007

News:

The Information Commissioner has called for 'proper public debate' following recent proposals by a senior judge to place the entire UK population and visitors on the national DNA database.

The Californian Senate has passed AB 779, which protects consumer data and SB 362, which bars employers from requiring employees to have radio frequency ID (RFID) chips inserted under their skin.

A new public search facility on Facebook, which allows people not registered with the social networking site to search for people by name, is raising concerns about ID theft.

Features:

It is probably fair to say that globalisation was not a widely used term in the 80s. So it is quite remarkable than in a world without the internet, broadband or remote call centres operating on a 24/7 basis, someone actually spotted a danger that was as real then as it is today: that disparities in national legislations could hamper the free flow of personal data across frontiers. Yet, this is precisely what the preface to the 1980 OECD Guidelines on the protection of privacy and transborder flows of personal data says in order to justify the need for harmonisation in the area of privacy legislation. Fast forward the clock a quarter of a century and here we are struggling to share data globally and meet international privacy standards.

For some time now, the Information Commissioner's Office (ICO) has recognised the need to produce new guidance on the meaning of 'personal data'. Our previous guidance concerned the implications of the Durant judgment in 2003. In this judgment, the Court of Appeal was widely considered to have adopted a rather narrower interpretation of 'personal data' (and 'relevant filing system') than most practitioners had hitherto. Not surprisingly, therefore, our reflections on Durant concentrated rather more on what was not covered rather than what was.

With one piece of legislation promoting access to information and the other restricting it, the UK freedom of information and data protection frameworks do not sit easily together. In the first of a twopart article which looks at the relationship between both frameworks, Marcus Turle, a partner at Field Fisher Waterhouse LLP, examines section 40 of the FOIA, which sets out the exemptions to the right of access to information and how it attempts to reconcile the conflicting relationship between both frameworks.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) has signed up to the US Federal Trade Commission's 'safe harbor' principles for the processing of financial data originating from Europe, as authorities sought to settle arguments over the transfer of data between the US and the EU. Anne Conaty and Navene Alim, of Berwin Leighton Paisner's London office, examine the changes SWIFT has made, their implications for banks and payment processors and discuss possible routes forward for the transfer of financial data between the US and the EU.

The Spanish Supreme Court recently upheld the largest ever fine issued by the Spanish data protection authority for an infringement - over €1 million for the producers of the 'Big Brother' television programme - over a failure to comply with various principles of the data protection legislation. In this article, Guadalupe Sampedro, of Garrigues, sets out the history of the case.

With organisations increasingly outsourcing business functions to third parties, compliance with the Data Protection Act is vital to ensure success. In the first of three articles which will examine the role and requirements of 'data processors' in such projects, Mark Gleeson and Cate Haywood of Addleshaw Goddard LLP examine the key commercial and legal considerations for a processor before entering such agreements.

Recent newspaper reports have speculated that a personal information protection law is imminent. Bridget Treacy and Manuel Maisog of Hunton & Williams LLP discuss China's initial struggle with the concept of privacy and explain that the political process that will lead towards legislation could take longer than reports suggest.