Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Category Archives: International

Subscribe to International RSS Feed

Duma Votes to Accelerate Implementation Date of Russian Data Localization Bill By A Year

Posted in International

In July this year, Russia enacted Law 242-FZ (the “Localization Law”).  The Localization Law amends the Russian Federal Law on Information, Information Technology and Information Protection, and would introduce a new requirement for certain businesses (including in particular those processing data concerning Russian citizens and also maintaining offices in Russia) to ensure that personal data… Continue Reading

Canada’s Highest Court Rules That Police Can Search Cell Phone Contents After Arrest

Posted in Canada, International

By Lala Qadir The Supreme Court of Canada recently issued a 4-3 decision that gave the police a green light in conducting warrantless searches of an arrestee’s cell phone as long as the search is directly related to the suspected crime and records are kept.  Over three dissenting judges that characterized mobile phones as “intensely… Continue Reading

The EU’s Highest Court Rules That The EU’s Data Protection Directive Applies To Home Security Surveillance Cameras

Posted in European Union, International

By Fredericka Argent Last week, the Court of Justice of the European Union (CJEU) ruled that owners of home surveillance cameras could be breaching the EU Data Protection Directive 95/46/EU (the Directive), when those cameras are used to monitor public spaces.  The ruling was made following a request from the Nejvyšší správní soud (The Supreme Administrative Court… Continue Reading

Article 29 Working Party Publishes Working Document Setting Out Cooperation Procedure for Issuing Common Opinions on Contractual Clauses

Posted in European Union, International

By Tom Jackson On November 26, 2014, the Article 29 Working Party adopted a working document setting out a cooperation procedure for issuing common opinions on contractual clauses considered as compliant with the EC Model Clauses (the “Working Document”).  The Working Document sets out the framework for a procedure designed to streamline the process of… Continue Reading

European Data Protection Regulators Release Joint Statement on European Values

Posted in European Union, International

By Tom Jackson On November 26, 2014, the Article 29 Working Party released a short joint statement containing a series of declarations on:  (i) “European values”; (ii) “surveillance for security purposes”; and (iii) the “European influence.”  The joint statement emphasizes the balance to be struck between protecting data protection rights and allowing national intelligence agencies… Continue Reading

Have EU Privacy Regulators Just Spelled the End of Web Tracking?

Posted in European Union, International

On November 25, 2014, the Article 29 Working Party (“WP29”) issued an opinion paper on device fingerprinting (the “Opinion”).  The Opinion builds on existing guidance on cookies (Opinion 04/2012) and confirms that organizations wishing to generate “device fingerprints” by storing or accessing information on a user’s device must obtain user consent (unless an exemption applies)…. Continue Reading

Article 29 Working Party Publishes Full Guidance On CJEU Right To Be Forgotten Ruling Against Google

Posted in European Union, International

Late last week, the Article 29 Working Party released a short press statement announcing that it had agreed guidance for the implementation of the May 2014 CJEU ruling against Google on the “right to be forgotten.”  See our first post on the Working Party’s guidance here.  The Working Party has now published a full 20-page… Continue Reading

Buttarelli Confirmed as Next European Data Protection Supervisor

Posted in European Union, International

By Phil Bradley-Schmieg  As we previewed last month, it has now been confirmed that Giovanni Buttarelli will be appointed as the next European Data Protection Supervisor (EDPS), the data protection watchdog and advisor to the various rulemaking and supervisory bodies that make up the EU.  Mr Buttarelli currently serves as Deputy EDPS under Peter Hustinx. Mr… Continue Reading

Article 29 Working Party Agrees Right to Be Forgotten Guidance Following May 2014 CJEU Ruling Against Google

Posted in European Union, International

On November 25, 2014, the Article 29 Working Party agreed guidelines for data protection authorities seeking to apply the Court of Justice of the European Union (CJEU) ruling reached earlier this year against Google, which has become known as the right to be forgotten or “RTBF” ruling.  The full guidelines have not yet been published,… Continue Reading

UK Data Protection Regulator Surveys Use of Smart Medical Devices

Posted in European Union, International, United Kingdom

By Phil Bradley-Schmieg The UK Information Commissioner’s Office (ICO) has launched an informal survey of current practices relating to the use of data-enabled medical devices and apps. The short and anonymous survey explores whether organisations have put in place specific policies and procedures, asset registers, IT security requirements for medical device procurement policies, information governance… Continue Reading

Trans-Atlantic Business Dialogue Holds Briefing Session on EU-U.S. Safe Harbor Agreement

Posted in European Union, International

On October 23, the Trans-Atlantic Business Dialogue held a briefing session on the EU-U.S. Safe Harbor Agreement.  Ted Dean, Deputy Assistant Secretary at the U.S. Department of Commerce, gave an update on the negotiations with the European Commission.  Following the Snowden revelations and a resolution of the European Parliament, the European Commission on November 17,… Continue Reading

UK Parliamentarians Seek FOI Changes To Force Private Sector Suppliers To Disclose NHS Contract Details

Posted in European Union, International, United Kingdom

By Tom Jackson and Phil Bradley-Schmieg A cross-party group of UK Members of Parliament (“MPs”) is seeking to amend the UK’s ‘freedom of information’ regime under the Freedom of Information Act 2000 (“FOIA”) to also cover current and prospective private sector suppliers to the National Health Service (“NHS”) in England and Wales. The Freedom of… Continue Reading

EU Confirms New Heads of the European Commission – But Who Will Drive Data Protection Reforms?

Posted in European Union, International

 By Philippe Bradley-Schmieg  The European Parliament voted yesterday (October 22, 2014) to approve the President of the European Commission’s selections for his team of European Commissioners. Jean-Claude Juncker’s picks received strong endorsement from MEPs, with 423 in favour, 209 against, and 67 abstentions.  Even so, he was forced to amend his proposal ahead of the… Continue Reading

ICO Releases Concrete Guidance on Privacy Requirements When Recording Video with Drones

Posted in International, United Kingdom

On October 15, 2014, the UK Information Commissioner’s Office (ICO) published an updated code of practice for surveillance cameras.  Among other topics, the ICO uses the Code to begin to address privacy practices for drones.  Drones are not new, but two factors are now making questions about drones and privacy practices more pressing.  First, many… Continue Reading

Data Protection Officials Adopt Internet of Things Declaration and Big Data Resolution

Posted in International

At the International Conference of Data Protection and Privacy Commissioners in Mauritius this week, representatives of the private sector and academia joined together to discuss the positive changes and attendant risks that the internet of things and big data may bring to daily life. Attendees memorialized the observations and conclusions of their discussions in a… Continue Reading

Committees of European Parliament Hold Confirmation Hearing for Commissioner-Designate for Justice, Consumers, and Gender Equality

Posted in European Union

By Sophie Noya and Henriette Tielemans From September 29 to October 7, 2014, parliamentary Committees of the European Parliament (“EP”) will be holding public confirmation hearings with Commissioners-designates with a view to assessing their skills and qualifications ahead of the EP’s vote on October 22 to approve (or reject) the Council’s appointment of the new… Continue Reading

Internet of Things Poses a Number of Significant Data Protection Challenges, Say EU Watchdogs

Posted in European Union, International

The Article 29 Data Protection Working Party (“Working Party”), the independent European advisory body on data protection and privacy, comprised of representatives of the data protection authorities of each of the EU member states, the European Data Protection Supervisor (the “EDPS”) and the European Commission, has identified a number of significant data protection challenges related… Continue Reading

Article 29 Working Party Emphasizes Importance of Personal Data Protection for Big Data Operations and Development

Posted in European Union

A recent statement from the Article 29 Working Party, the independent European advisory body on data protection and privacy, comprised of representatives of the national data protection authorities of the EU Member States, the European Data Protection Supervisor and the European Commission, finds that the EU data protection principles, outlined in the EU Data Protection… Continue Reading

ISO’s New Cloud Privacy Standard

Posted in Cloud Computing, Data Security, European Union, International

This summer, the International Standards Organization (ISO) adopted a new voluntary standard governing the processing of personal data in the cloud — ISO 27018.  Although this recent development has gone mostly unnoticed by the technology and media press to date, the new cloud standard provides a useful privacy compliance framework for cloud services providers that… Continue Reading

Global App Review Finds 85% of Apps Have Privacy Shortcomings

Posted in European Union, Privacy Policies

By Monika Kuschewsky and Katherine Gasztonyi In May 2014, the Global Privacy Enforcement Network (“GPEN”) performed its second Global Privacy Sweep, in which 26 privacy enforcement authorities from 19 countries downloaded 1,211 mobile apps and assessed their privacy practices. On September 10, 2014, the Office of the Privacy Commissioner of Canada (“OPC”) published the results of the… Continue Reading

Big Data Analysis is Possible Without Infringing Key Privacy Principles, Says International Working Group

Posted in European Union, International, Uncategorized

“Data is everywhere. The amount of data on the global level is growing by 50 percent annually. 90 [percent] of the world’s data has been generated within the past two years alone,” explains the International Working Group on Data Protection in Telecommunications in their Opinion of May 6, 2014, titled, “Working Paper on Big Data… Continue Reading