White House privacy proposal aims to give consumers control over data
Sat 28 Feb 2015, 01:20

U.S. businesses that collect personal data would be required to describe their privacy and security practices and give consumers control over their personal information under a proposed privacy bill of rights released Friday by President Barack Obama’s administration.

The proposal would also require companies and nonprofit groups to collect and retain only the personal data they need to operate.

However, the proposal allows industry groups to submit their own codes of conduct to the Federal Trade Commission and shields companies that follow those codes from FTC enforcement actions.

Parliament votes to push forward its agenda EU-PNR
Fri 13 Feb 2015, 16:40

On February 11th, the European Parliament has adopted a resolution in which it commits to work toward finalising, by the end of 2015, a directive on EU Passenger Name Records (PNR). This proposal aims at the systematic data collection, retention and analysis by national authorities of passengers taking flights entering or leaving the EU. This data, originally collected by airline companies, contains plethora of personal data, from passengers’ personal and contact details, itinerary, payment methods, to sometimes even food preferences.

UK surveillance laws need total overhaul, says landmark report
Thu 12 Mar 2015, 13:20

Britain’s laws governing the intelligence agencies and mass surveillance require a total overhaul to make them more transparent, comprehensible and up to date, the intelligence and security committee of parliament (ISC) has said in a landmark report prompted by the revelations of Edward Snowden, the former US National Security Agency (NSA) contractor.

Spanish court endorses CJEU decision on the right to be forgotten
Mon 2 Feb 2015, 12:30

In the first 18 sentences of its decision, the Spanish Audiencia Nacional court has endorsed, without any changes, the European ruling on the so called 'Right to be forgotten' on the Internet. Citizens can demand search engines, Google in this case, the removal of personal information from URLs if they consider it harmful, assuming accessing these links can not be justified neither on public interest grounds nor because of the public relevance of the affected individual.

 

Cyberthreat sharing must include strong privacy protections, advocates say
Thu 29 Jan 2015, 01:20

U.S. lawmakers should put strict privacy controls into planned legislation to encourage companies to share cyberthreat information with government agencies and each other, some advocates said.

Members of the Senate Homeland Security and Governmental Affairs Committee said Wednesday they plan to work on a cyberthreat information-sharing bill in the coming months. But representatives from Microsoft and the Center for Democracy and Technology told lawmakers they can avoid the controversies of other recent bills by requiring companies and government agencies to strip out personally identifiable information before sending cyberthreat information to other organizations.

New Chinese measures define consumer personal information
Mon 26 Jan 2015, 11:38

On January 5, 2015, the State Administration for Industry and Commerce of the People’s Republic of China published its Measures for the Punishment of Conduct Infringing the Rights and Interests of Consumers (the “Measures”). The Measures contain a number of provisions defining circumstances or actions under which enterprise operators may be deemed to have infringed the rights or interests of consumers.

According to Article 11, “consumer personal information” refers to “information collected by an enterprise operator during the sale of products or provision of services, that can, singly or in combination with other information, identify a consumer.” Article 11 also provides a list of specific examples of “consumer personal information,” including a consumer’s “name, gender, occupation, birth date, identification card number, residential address, contact information, income and financial status, health status, and consumer status.”

While this definition applies only in relation to consumer personal information, it is an instructive milestone in the continuing emergence of China’s sector-by-sector patchwork of rules and regulations governing the collection and use of personal information.