On Wednesday, the European Parliament’s Committee on Civil Liberties (LIBE) adopted the EU Passenger Name Records (EU-PNR) directive proposal, presented by Rapporteur Timothy Kirkhope, a conservative MEP from the UK.
The EU-PNR directive would establish the systematic collection, retention, and analysis of passenger data for everyone flying into or leaving the EU. Passenger data contains a plethora of personal information, such as passengers’ personal and contact details, itinerary, payment methods, and sometimes even car and hotel bookings.
The Information Commissioner’s Office issued a notice to Google to remove from its search results newspaper articles that discussed details from older articles that had themselves been subject to a successful right to be forgotten request.
The new reports included, wholly unnecessarily, the name of the person who had requested that Google remove reports of a ten-year-old shoplifting conviction from search results. Google agreed with this right to be forgotten request and de-linked the contemporary reports of the conviction, but then refused to do the same to new articles that carried the same details. Essentially, Google had granted the subject’s request for privacy, and then allowed it to be reversed via the back door.
Experts and even the ICO have hinted that Google’s efforts to publicise the very details it is supposed to be minimising might be viewed as a privacy breach or unfair processing with regard to those making right to be forgotten requests.
EU Commissioner Věra Jourová: "I am very pleased that today we have finalised negotiations with the US on high data protection standards for transatlantic law enforcement cooperation.
Robust cooperation between the EU and the US to fight crime and terrorism is crucial to keep Europeans safe. But all exchanges of personal data, such as criminal records, names or addresses, need to be governed by strong data protection rules. This is what the Umbrella Agreement will ensure."
The DPA received various signals that employment agencies appeared to be violating the privacy of temporary workers. In a temporary employment relationship the agency acts as the employer of the temporary worker. For these reasons, the DPA decided to carry out an investigation in respect of two large employment agencies regarding their compliance with the Dutch Data Protection Act. According to the DPA, the investigations confirmed that the employment agencies are violating data protection laws on various points, including processing of ID copies, over recording data relating to illness and incapacity to work, handling criminal antecedents and religious symbols, and illegal data retention, etc.
The European Union and the United States have clinched a deal protecting personal data shared for law enforcement purposes such as terrorism investigations, according to a document seen by Reuters.
The two sides have been negotiating for four years over the so-called "umbrella agreement" that would protect personal data exchanged between police and judicial authorities in the course of investigations, as well as between companies and law enforcement authorities.
EPIC has filed emergency Freedom of Information requests with the US the EU for release of a secret agreement for the transfer of personal data across the Atlantic. A new framework was required by a recent decision of the European Court of Justice. But European and American consumer organizations say the "Privacy Shield" does not provide adequate protection for the transfer of personal data.