6 4 April 2009

News:

The Director of Privacy International (PI), Simon Davies, sent a letter to the Information Commissioner's Office (ICO) on 23 March, expressing concerns that Google Street View could be breaching the Data Protection Act (DPA). Davies said that his move was triggered by the numerous complaints PI received from individuals who were suffering from 'embarrassment and distress' due to being identifiable on the application.

A report that claims that a quarter of UK public-sector databases are illegal under laws on human rights and data protection "presents no substantive evidence on which it bases its assessments of 'privacy impact', according to a spokesperson for Ministry of Justice. The report - published in March 2009, by the Joseph Rowntree Reform Trust - suggests that the databases should be 'scrapped or substantially redesigned'.

A coalition of privacy groups - including the Consumer Federation of California and the Privacy Rights Clearinghouse - urged the US Solicitor General, Elena Kagan to support consumer privacy rights in a Supreme Court case revolving around the data sharing clauses of California's Financial Privacy Law (SB 1), on 23 March. The Supreme Court invited Kagan to voice the opinion of the Obama administration in the case of American Bankers Association v Brown, on 9 March.

Features:

In the current economic climate, all organisations are looking for ways to achieve cost savings wherever possible. Some may even consider dispensing with legal compliance altogether in order to focus on revenue generation. The majority, however, are simply trying to be more efficient than ever in order to get the most out of every penny spent. This is particularly relevant in an area like data protection where a consistent and simplified approach to international privacy compliance is key to meet the value for money criteria. So here are some ideas that may help privacy professionals trim costs whilst getting things right.

The UK Data Retention Regulations 2009 - which transpose the European Data Retention Directive - come into force on 6 April. The Regulations will require internet service providers to keep the communications data of every e-mail, phone call and text message for a minimum of one year. Susan Hall, a Partner at Cobbetts LLP, examines the Regulations and the concerns they raise.

Heartland Payment Systems - a credit card processing company in the US - announced recently that a data breach had occurred, compromising a minimum of 500 banks and an undetermined number of cards. Geoff Webb, Senior Manager of Marketing at NetIQ Corporation discusses what organisations can learn from the breach and examines what organisations can do to prevent similar breaches from arising.

The UK police recently began using hand-held data universal extraction devices that override password protection systems of mobile phones and speed up the downloading of pictures and personal information from mobile phones. Stephan Buck, a Lawyer at Preiskel & Co LLP, examines the legal issues that the use of such techniques has raised.

The Information Commissioner's Office (ICO) recently took control of a database owned by the Consulting Association - which held the personal and sensitive data of construction workers - after it was discovered that the data was being sold to construction companies. Rupert Casey, a Partner at Macfarlanes LLP, analyses the offences committed by the Association and the powers that the ICO has under the Criminal Justice and Immigration Act to apply monetary penalties against companies in breach of the Data Protection Act.

This article examines the criminal proceedings commenced by the Milan Public Prosecution two years ago, against a number of representatives of Google Italy. Such proceedings led to the trial that began on 3 February.

Sweden has recently unveiled amendments to its Copyright Act designed to tackle illegal file sharing, which will come into force from 1 April. Henrik Nilsson, an Advokat with Bird & Bird, examines how the proposals mandate the use of information orders to request information on intellectual property infringements. The article also examines how the new legislation gels with Sweden's Personal Data Act and potential issues with the legislation, such as whether household insurance - which commonly covers the cost of legal proceedings in Sweden - will cover the cost of file sharing procedures.