 Privacy & Data Protection Update

  Issue 15 - March 2008


With the deadline for implementing the Data Retention Directive now past, in this edition of the newsletter we revisit the table that we published in June 2007, showing which countries have implemented the Directive.

 

In this edition, we also consider when ISPs must disclose the identities of users who breach copyright.  We look at the ECJ's decision in the Telefonica case and consider some recent decisions in Germany on this matter.

 

We look at new legislation affecting privacy in Germany, Italy and Spain and consider some possible privacy arguments for not paying parking fines in Belgium.

 

In The Netherlands, privacy concerns have arisen regarding a chipcard recording travel details, whilst in the UK the loss of personal data by the Government has led to a number of consultations on ways to safeguard data in future.  We also consider the recent fine in the UK given to a bank and a decision on subject access requests.
 

We consider the difficulty for US companies to comply with both US regulatory requirements and EU Data Protection law, with an article on a recent decision in Sweden.



EU

ECJ rules against collecting society in file sharer identification dispute
Jamie Herbert, London
The European Court of Justice has ruled that Member States are not obliged to create a legal duty requiring ISPs to disclose file sharers' personal details to copyright owners.

 

Implementation of the Data Retention Directive as at February 2008

A country-by-country summary of the current status of the implementation of the Data Retention Directive.



Belgium

Lower court's judgment revives the debate over identifying vehicle owners to collect parking fines
Peter Van de Velde, Brussels
It has become common for municipalities to outsource the collection of parking fines in their territory to private companies. This article explores whether companies can identify vehicle owners in order to ensure that they pay appropriate fines.



Germany

New Act on the Distribution of Highly Detailed Satellite Data

Alexander Duisberg & Ulrich Sachs, Munich

In November 2007, the German Parliament adopted an Act that set out how information collected from satellites could be used commercially.

 

User identity behind dynamic IP addresses - a minefield for authorities and ISPs

Jan-Peter Ohrtmann & Bastian Cremer, Düsseldorf

Where there has been a breach of copyright, German law does not entitle the rights holder to receive information about the infringing individuals. Recently, however, rights holders have resorted to initiating criminal actions against the unidentified individuals in order to obtain more information about the infringers. This article considers the legality of such techniques.



Italy

Update on the latest data protection news in Italy
Debora Stella & Giulia Mozzato, Milan
In the past few months the Italian Data Protection Authority has issued a number of guidance documents and press communications aimed at providing more information about the application of Italian data protection legislation. This article considers some of these developments.   



The Netherlands

Trouble for new Dutch public transport chipcard

Gerrit-Jan Zwenne, The Hague
The introduction of a new nationwide public transport chipcard in The Netherlands has been the subject of concerns relating to the protection of users' privacy. This article considers the Dutch Data Protection Authority's guidelines as to how users' privacy can be protected whilst using this technology.

 

€1,000,000 fine for distributing unsolicited software

Gerrit-Jan Zwenne & Chris Erents, The Hague
The Dutch Telecom Regulator, OPTA, has imposed a €1,000,000 fine on three Dutch companies and their directors for distributing unsolicited software. According to OPTA, 22 million computers worldwide were intentionally infected with adware and spyware. This is the first time that OPTA has imposed fines on distributors of unsolicited software.

 

Certain blogs of "Special character" required to moderate forum members' posts before publication
Bart Beuving, The Hague
In this case, with unique facts, pre-moderation of bloggers' posts was required. The Dutch court ruled that a Dutch paedophilia association must take measures to moderate posts on a forum to prevent pictures of children being published.



Spain

Spanish Law 56/2007 on Measures to Promote the Information Society
Ana Maria Rodriguez Costas, Madrid
In December 2007 a new law was published facilitating the development and use of new technologies, in particular in relation to consumer protection and e-invoicing.
 



Sweden

Stuck between a rock and a hard place? The Swedish Data Protection Authority rejects American company's request to process workers' criminal records
Jim Runsten & Josefine Jonsson, Stockholm
This article considers a recent ruling preventing Standard & Poors AB from sending information about its workers to America. This was the case, even though it was required to do so to comply with US law.



UK

New Fraud Prevention Standard
Elizabeth Upton, London
The British Standards Institute is currently developing a publicly available specification for managing the prevention and early detection of fraud.

 

FSA fines Norwich Union for security lapses relating to customer information
Siobhan McManus, London
The Financial Services Authority has fined Norwich Union £1.26m for failing to protect its customers against fraud.  The fine is the biggest of its kind.    

 

Ezsias v Welsh Ministers
Ruth Boardman & Amy Williams, London
This is another subject access case where the courts have refused to support a claimant who tried to use the Data Protection Act 1998 as a means of pursuing other proceedings.  This case closely followed Durant v Financial Services Authority, concluding that information held about complaints made did not amount to Mr Ezsias' personal data.  The case also suggests that a data controller is only obliged to carry out "reasonable and proportionate" steps to identify and disclose personal data.  Although this comment will be welcomed by data controllers, it may prove controversial.  

 

Recent data security breaches provoke a spate of Government reviews
Jamie Herbert, London

In light of a number of major public sector data security breaches which have occurred in recent months, the Government have commissioned three separate reviews, each emanating from different Departments, and have proposed new powers for the Information Commissioner.
     



This update gives general information only as at the date of first publication and is not intended to give a comprehensive analysis. It should not be used as a substitute for legal or other professional advice, which should be obtained in specific circumstances.

