6 5 May 2009

News:

The Spanish Government approved a Royal Decree designed to protect athlete privacy that bans the carrying out of doping controls on athletes at 'times normally dedicated to night-time rest' outside competitions.

Google Street View does not contravene the UK's Data Protection Act, according to advice published by the Information Commissioner's Office (ICO) on 23 April.

Peter Hustinx, the European Data Protection Supervisor, will be the Keynote Speaker at the 3rd Annual European Data Protection Intensive, organised by Data Protection Law & Policy and DataGuidance on 18 May at the Brussels offices of Hunton & Williams LLP.

Features:

It has taken a while, but it has finally happened. The use of internet users' habits in order to tailor marketing offers to their perceived preferences has now become one of the hottest privacy issues in Europe. Collecting information about people's browsing patterns is not new. In fact, trying to match products and services to the professed needs and interests of potential customers is as old as trade itself. The key difference is that today's internet allows website operators to do this in a very sophisticated and effective manner on a global scale. If pushed to the extreme, this type of activity could potentially lead to discriminatory practices, so it is understandable that politicians, regulators and privacy activists are getting nervous.

Cloud Computing - a practice comparable to remote computing, whereby computing and storage move away from a personal computer to servers run by companies - has recently raised much interest about whether this practice complies with global data protection laws. Peter Fleischer, Global Privacy Counsel for Google, discusses the policy consequences for data protection and privacy when data no longer has a clear location.

The Polish Provincial Administrative Court finds that photo tagging on social networks without consent constitutes an illegal use of personal data. Mateusz Orlinski, a Senior Associate with Laszczuk & Partners, examines the court's reasoning and the implications of the judgment should it be upheld on appeal.

The Home Office recently announced a review of the Regulation of Investigatory Powers Act (RIPA) and published a consultation paper inviting views on the powers granted to public authorities as regards direct surveillance, covert human intelligence and communications data. Vanessa Barnett and Amy Russell, of Berwin Leighton Paisner LLP, outline the purpose of RIPA and the reasons for the review, which include concerns that some public authorities are using RIPA powers for much wider purposes than originally envisioned.

The Internet Advertising Bureau (IAB) recently launched the UK's first ever self-regulatory principles for online behavioural advertising companies, which comprise of a set of core principles such as transparency and education. Nick Stringer, Head of Regulatory Affairs at the IAB, comments on the significance of the principles.

The 'Database State' report, recently published by the Joseph Rowntree Reform Trust, claims that a quarter of UK public sector databases are illegal under laws on human rights and data protection and should be scrapped or substantially redesigned. Sarah Needham, a Solicitor at Macfarlanes LLP, examines the report's findings and how the Data Protection Act applies to public sector databases.

The Federal Trade Commission (FTC) and the Department of Health and Human Services (HHS) recently published guidance under the American Recovery and Reinvestment Act (ARRA) aimed at protecting personal health information. Joan Antokol, a Partner at Baker Daniels LLP, examines the HHS and FTC guidance and discusses the implications the requirements have for healthcare organisations.