Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: safe harbor

Posted in International/EU Privacy

CNIL International Chief Discusses Safe Harbor and Onward Transfer

Following on the heels of the IAPP Congress in Brussels, the CNIL’s (the French data protection authority) international chief, Florence Raynal, engaged in a dialogue with the members of the American Chamber of Commerce’s Digital Economy Committee in France. Raynal engaged with AmCham members on questions relating to the EU-US Safe Harbor framework, focusing on the practicalities of onward transfers. The discussion involved two kinds of transfers.

Posted in Consumer Privacy

Hogan Lovells Contributes Focus on Privacy and Trade to Global Privacy Meeting

At the 35th annual Conference of Data Protection Authorities and Privacy Commissioners in Warsaw, Poland today, Hogan Lovells partner and privacy practice lead Christopher Wolf spoke on the issue of privacy and trade in light of the ongoing Transatlantic Trade and Investment Partnership negotiations between the EU and the U.S. This post contains prepared remarks to the commissioner’s on the need for interoperable cross-border privacy standards and the merits of the U.S. privacy regime.

Posted in Consumer Privacy, International/EU Privacy, News & Events

Commerce Department General Counsel Pushes Back Against EU Attacks on US Privacy

The US privacy framework is under attack from officials in the EU following revelations about NSA surveillance.  Yesterday, US Department of Commerce General Counsel Cameron Kerry delivered his valedictory address before his departure from his position next week, and focused both on the progress made by the Obama Administration in privacy and offered the strongest [...]

Posted in International/EU Privacy

German Data Protection Commissioners Push Government Towards Suspension of U.S. – EU Safe Harbor Regime

According to reports by the German business newspaper Handelsblatt, the German data protection commissioners have sent a letter to the German chancellor Angela Merkel, asking her to push the European Union to suspend the U.S. – EU Safe Harbor regime because of the recently disclosed NSA activities. This letter dates from July 23 and is signed [...]

Posted in International/EU Privacy

European Parliament Committee Releases Proposed Amendments to Data Protection Regulation

Jan Albrecht, the rapporteur for the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs, released a draft report last month with key proposals to amend the European Commission’s proposed Regulation on data protection. The report includes a total of 350 amendments to the original proposal.  Highlights of the 215-page report include the following:

Posted in Consumer Privacy

Myspace Settles with FTC Regarding “Constructive Sharing” of PII with Third-Party Advertisers

this blog entry details the FTC’s settlement and consent decree with Myspace, and enforcement action that focused on the fact that a “Friend ID”, despite being non-PII, was linked to a user’s Myspace profile so that third-party advertisers could use the Friend ID to easily obtain the PII resident on a user’s profile. In effect, the FTC took the position that by sharing the Friend IDs with third parties, Myspace also constructively shared all of the PII accessible from a user’s Myspace profile with those third parties, in violation of privacy policy promises not to share. As such, this enforcement action may signal that a business canntt get around promises not to share PII with third parties simply by sharing a piece of non-PII that enables a third party subsequently to obtain access to PII maintained by that business.

Posted in International/EU Privacy

German DPAs Issue Rules for Cloud Computing Use

The German data protection authorities on September 26, 2011 adopted an “Orientation guide – cloud computing.” The guide sets out mandatory and recommended content for any agreement between German users of cloud computing services and cloud computing serving providers. It highlights the customer’s responsibility for full compliance with German data protection requirements for the cloud. Based on this orientation guide, customers and providers will have to review existing agreements in the German market.

Posted in International/EU Privacy

Pending Revision of EU Directive Prompts Questions About Safe Harbor

The pending proposal from the European Commission for revision of the EU Directive (expected in early 2012) raises questions about the efficacy under a revised Directive of the EU-US Safe Harbor framework, which permits the legal cross-border transfer of personal data from the EU to the US for companies enrolled in the Safe Harbor and committed to the requisite privacy protections. That’s the recent observation in Europolitics, the European Affairs daily, quoted in this blog entry, along with the rousing defense of the Safe Harbor offered by Google’s Global Privacy Counsel Peter Fleischer.

Posted in International/EU Privacy

German Privacy Watchdogs Require More Scrutiny When Transferring Data to the United States Under the Safe Harbor

The Düsseldorfer Kreis, a working group consisting of representatives from Germany’s sixteen state data protection authorities, issued a Decision (dated 28/29 April 2010) on the transfer of personal data from German companies to U.S. companies which are certified under the U.S.-EU Safe Harbor framework. It stated that Safe Harbor certification of the U.S. company alone is not sufficient to safeguard the transfer because European and U.S. regulators currently do not ensure that the U.S. companies comply with the self-certification. Therefore, German companies are now required to take additional steps when transferring data to the US under the Safe Harbor.