Dan Cooper

Dan Cooper

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws, as well as associated information technology and e-commerce laws and regulations. Mr. Cooper also regularly counsels clients with respect to Internet-related liabilities under European and US laws. Mr. Cooper sits on the advisory boards of a number of privacy NGOs, privacy think tanks, and related bodies.

Subscribe to all posts by Dan Cooper

Vote on EU Data Protection Regulation Again Postponed

By Dan Cooper on Posted in European Union, International
By Jorg Walter Despite previous assertions to the contrary, the European Parliament’s Civil Liberties Committee (“LIBE”) announced on Wednesday that it would not be holding its important vote on the Proposed Data Protection Regulation before the summer recess. A new vote has not yet been scheduled but is planned for September or October 2013. As … Continue Reading

EU Data Protection Working Party Sets Out App Privacy Recommendations

By Dan Cooper on Posted in Advertising & Marketing, European Union, International, Mobile
By Dan Cooper and Philippe Bradley This week the Article 29 Working Party released its Opinion 2/2013 on apps on smart devices (WP 202), a 30-page report on mobile app privacy and data protection considerations. This development follows on the Working Party’s Statement on the draft General Data Protection Regulation on 27 February 2013 (which … Continue Reading

The ICO Responds to the Leveson Report

By Dan Cooper on Posted in European Union, International, United Kingdom
By Dan Cooper, Helena Marttila & Fredericka Argent Following the 2011 News International phone-hacking scandal, the UK government commissioned an in-depth inquiry into the accusations made against the British press to be conducted by Lord Justice Leveson.  The “Leveson Inquiry” was a full-scale investigation, which culminated in an approximately 2000-page report published in November 2012.  The … Continue Reading

Australia Introduces New Privacy Act

By Dan Cooper on Posted in Uncategorized
By Daniel Cooper, Fredericka Argent and Ezra Steinhardt On 29 November 2012, the Office of the Australian Information Commissioner announced that the Australian government passed the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (“the Act”). The Act, due to come into force in March 2014, is the biggest reform to Australian privacy law in … Continue Reading

The European Court of Justice Rules That Austria’s Data Protection Authority Is Not Sufficiently Independent

By Dan Cooper on Posted in European Union, International
On 16 October 2012, the Court of Justice of the European Union (“CJEU”) ruled in favour of the European Commission in its claim against Austria that the Austrian Data Protection Authority, the Datenschutzkommission (“DSK”), was not independent from the Austrian government as required under Article 28 of the EU’s Data Protection Directive. The Commission’s action was … Continue Reading

CNIL and Article 29 Working Party Release Report on Google Privacy Policy

By Dan Cooper on Posted in European Union, International
By Dan Cooper & Ezra Steinhardt On 16 October, 2012, the French data protection authority, the CNIL, released a report on behalf of the Article 29 Working Party that examines Google’s compliance with European data protection law.  The report marks a new stage in an investigation which began nine months ago, when Google announced that … Continue Reading

ICO Issues New £250,000 Fine to Scottish Local Government Body

By Dan Cooper on Posted in Data Security, United Kingdom
On 11 September 2012, the UK Information Commissioner’s Office (ICO) announced that it had fined the Scottish Borders Council £250,000 under the Data Protection Act 1998 (the DPA) following the discovery of a former Council employee’s pension records in a supermarket’s car park paper recycling bank. The document was one of at least 676 files … Continue Reading

UK Parliament Committees Open Consultations on Proposed Data Protection Regulation and Proposed Communications Data Bill

By Dan Cooper on Posted in European Union, International, United Kingdom
On 12 July, 2012, the Justice Select Committee, the body tasked by the UK Parliament’s European Scrutiny Committee to give its opinion on the EU Commission’s proposals to reform EU data protection laws, launched a call for written evidence on the following questions:  Will the proposed Regulation strike the right balance between the need, on … Continue Reading

Grace Period for Compliance with New Korean Privacy Law Ended this Spring

By Dan Cooper on Posted in Data Security, International
South Korea's new comprehensive privacy law, the Personal Information Protection Act, promulgated on 29 March 2011, is now in effect. The Korean government allowed a grace period for companies to comply with the provisions of the new law and this came to an end on March 31st 2012. In relation to the private sector, the new legislation replaces some aspects of the Act on Promotion of Information and Communications Network Utilization and Information Protection (ICN Act). Described by privacy commentators as one of the strictest privacy laws in the world, the new legislation reflects the baseline standards of the OECD Privacy Guidelines and the APEC Privacy Framework (2004) to a large extent and also appears to exceed those requirements in several respects. This is an introduction to some of the core provisions of the new legislation:… Continue Reading

Article 29 Working Party Publishes Guidance On Cookie Rule Exemptions

By Dan Cooper on Posted in European Union, International
On Tuesday, June 12, the Article 29 Working Party (WP29), a group of European data protection authorities, published an opinion on the exemptions available to the new cookie rules introduced by the revised EU ePrivacy Directive.  The opinion provides guidance on the implementation of the available exemptions to the requirement to obtain internet users’ informed … Continue Reading

Consent in EU Data Protection Law

By Dan Cooper on Posted in Data Security, European Union, International
I recently published an editorial with the European Privacy Association regarding the concept of “consent” under the EU’s Framework Data Protection Directive that is available here.   As the editorial explains, the concept is a fundamental fixture of the EU’s data protection regime featuring in data protection law in a variety of different ways, from “unambiguous” … Continue Reading

EU Watchdog Raises Privacy and Data Protection Concerns About Proposed Treaty To Protect Intellectual Property

By Dan Cooper on Posted in European Union, International
Earlier this week the European Data Protection Supervisor (“EDPS”) adopted an Opinion on the proposed Anti-Counterfeiting Trade Agreement (“ACTA”) between the EU and its Member States, Australia, Canada, Japan, the Republic of Korea, the United Mexican States, the Kingdom of Morocco, New Zealand, the Republic of Singapore, the Swiss Confederation and the USA. The Agreement … Continue Reading

UK Government prepares new legislative proposal to modernise communications data monitoring law

By Dan Cooper on Posted in International, United Kingdom
On 1 April, 2012, the UK press reported that the UK Home Office is preparing to propose new legislative reform of the communications data monitoring law, in the Queen’s Speech in May.  The press reports, and the response from the Home Office on 3 April 2012, provided some further details on a programme that was … Continue Reading

UK ICO Issues Updated Guidance on the Rules on Use of Cookies and Similar Technologies

By Dan Cooper on Posted in European Union, United Kingdom
By Dan Cooper and Maria-Martina Yalamova On December 13, 2011, the UK data protection authority (the “ICO”) issued updated guidance on the new cookie rules (Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011) implemented as part of the review of the EU e-Privacy Directive.  The guidance is intended to help website operators and those … Continue Reading

Draft EU Data Protection Regulation Leaked

By Dan Cooper on Posted in European Union
By Dan Cooper and Kristof Van Quathem A widely-leaked version of the first legislative proposal for a General Data Protection Regulation is making its way through Brussels and beyond.  The draft Regulation — which, among other things, aims to apply a harmonized and updated set of core data protection rules across the EU — will … Continue Reading

House of Lords Calls for a Privacy Commissioner

By Dan Cooper on Posted in United Kingdom
By Dan Cooper and Maria-Martina Yalamova An amendment to a discussion tabled in the House of Lords relating to the Protection of Freedoms Bill 2010 – 2011 has called for the creation of a dedicated Privacy Commissioner. The proposed establishment of a single Privacy Commissioner seeks to correct the existing proliferation of UK commissioners with … Continue Reading

The Swedish DPA Issues Guidelines on the Provision and Use of Cloud Services

By Dan Cooper on Posted in Cloud Computing, European Union, International
Recently, the Swedish Data Protection Authority (“DPA”) published a review of the use of cloud services, informed by the practices of three Swedish municipalities’ use of services from leading cloud providers.  Based on the study, the DPA has published guidelines (currently only available in Swedish) that clarify the requirements of Swedish data protection law with … Continue Reading

Hungary Enacts New Privacy Legislation

By Dan Cooper on Posted in International
By Dan Cooper and Helena Marttila On 11th of July, 2011, Hungary adopted a new data privacy law (Act CXII of 2011 on Informational Self-Determination and Freedom of Information) (the “Act”), which will enter into force on 1 January 2012. The main changes brought about by the Act are briefly discussed below:… Continue Reading

Article 29 Working Party Voices Concerns Over Behavioural Advertising Code

By Dan Cooper on Posted in European Union
By Dan Cooper and Helena Marttila On 26 August, 2011, the Article 29 Working Party, a group of European data protection authorities, published a letter to the Online Behavioural Advertising Industry regarding the proposed industry self-regulatory framework, known as the Best Practice Recommendation on Online Behavioural Advertising (the “Code”). The letter sets out the main … Continue Reading

Indian Government Clarifies New Privacy Rules: Outsourcing Arrangements Exempted

By Dan Cooper on Posted in International
By Dan Cooper and Helena Marttila On 24th of August 2011, the Government of India’s Ministry of Communications & Information Technology finally issued clarification on the application of the 2011 Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules (the “Rules”). As we blogged here, much ambiguity has surrounded the … Continue Reading

South Korea Plans to End “Real Name” Web Requirements

By Dan Cooper on Posted in International
The South Korean Ministry of Public Administration and Security reiterated support this week for its plans to abolish legislation that requires Internet users on social networks to use their real names on websites.  Currently, the law requires websites with more than 100,000 visitors per day to require users to register with their real names.  In … Continue Reading

UK Government Opens a New Consultation on Access to Public Data

By Dan Cooper on Posted in International, United Kingdom
On 4 August, 2011, the Cabinet Office of the UK Government opened a new public consultation on disclosure and access to public sector data.  The consultation, which seeks to “establish a culture of openness” in the public sector, comes soon after a statement from the ICO suggesting that public sector organisations should respond to Freedom of … Continue Reading

Commission Launches Enforcement Proceedings Against 20 Member States on “Cookie” Rules

By Dan Cooper on Posted in Data Breaches, European Union, International, United Kingdom
On July 19, 2011, the European Commission announced that it sent formal requests for further information to 20 Member States regarding their failure to implement the EU’s new package of telecoms rules.  The rules, which include amendments to the E-Privacy Directive to create new consent requirements for the use of most web cookies, were required to … Continue Reading
LexBlog