While the debate over an EU-wide scheme continues, the same scheme has been operating for all flights between EU member states and the US since 2001.
This blanket mass surveillance was instigated by the US in the wake of the 9/11 terrorist attacks, but put airlines in a bind: the US Department of Homeland Security demands the information from them, but European data protection law bars the transfer of data outside the EU.
For Mexico City, the International Data Privacy Day also marks the official endorsement by the Mexican Federal District data protection authority (InfoDF) of the International Principles for the Application of Human Rights to Communications Surveillance, 13 guiding principles about limiting surveillance. This is timely, as the Mexican Federal Telecommunications Agency (IFT) is currently developing guidelines for cooperation between the government and the Internet Service Providers. This guidelines are one step towards the implementation of the data retention mandate law adopted last year.
In October 2014, the People’s Republic of China Supreme People’s Court issued interpretations regarding the infringement of privacy and personal information on the Internet. China has not implemented a comprehensive data protection law. Rather, data protection and privacy are regulated through several sector-specific laws.
In general, the Provisions prohibit Internet users and Internet service providers from using the Internet (or other information networks) to disclose or publish personal information. The personal information protected by this prohibition includes, at a minimum, personal genetic information, medical records, health examination materials, criminal records, home addresses and information regarding private activities. Disclosure or publication on the Internet (or other information network) may be permissible under certain circumstances.
The government’s health insurance website is quietly passing along consumers’ personal data to outside websites. The privacy concerns come against the backdrop Obama’s new initiative to protect personal data online.
In a recent visit to the site, AP found that certain personal details – including age, income and whether you smoke – were being passed along probably without your knowledge to advertising and web analytics sites.
Obama’s Student Digital Privacy Act would stop companies from selling student data to third parties, except for educational purposes, and from using such data to create targeted advertisements. The act is modeled on a California initiative that will take effect in January 2016.
Another proposed piece of legislation is the Personal Data Notification & Protection Act. If passed, it will require companies to alert customers within 30 days of discovering a security breach regarding customer information. It is meant to simplify the current framework for data breach notifications, which varies state by state.