Dan Cooper

Dan Cooper

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws, as well as associated information technology and e-commerce laws and regulations. Mr. Cooper also regularly counsels clients with respect to Internet-related liabilities under European and US laws. Mr. Cooper sits on the advisory boards of a number of privacy NGOs, privacy think tanks, and related bodies.

Subscribe to all posts by Dan Cooper

Hungary Enacts New Privacy Legislation

By Dan Cooper and Helena Marttila On 11th of July, 2011, Hungary adopted a new data privacy law (Act CXII of 2011 on Informational Self-Determination and Freedom of Information) (the “Act”), which will enter into force on 1 January 2012. The main changes brought about by the Act are briefly discussed below:… Continue Reading

Article 29 Working Party Voices Concerns Over Behavioural Advertising Code

By Dan Cooper and Helena Marttila On 26 August, 2011, the Article 29 Working Party, a group of European data protection authorities, published a letter to the Online Behavioural Advertising Industry regarding the proposed industry self-regulatory framework, known as the Best Practice Recommendation on Online Behavioural Advertising (the “Code”). The letter sets out the main … Continue Reading

Indian Government Clarifies New Privacy Rules: Outsourcing Arrangements Exempted

By Dan Cooper and Helena Marttila On 24th of August 2011, the Government of India’s Ministry of Communications & Information Technology finally issued clarification on the application of the 2011 Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules (the “Rules”). As we blogged here, much ambiguity has surrounded the … Continue Reading

South Korea Plans to End “Real Name” Web Requirements

The South Korean Ministry of Public Administration and Security reiterated support this week for its plans to abolish legislation that requires Internet users on social networks to use their real names on websites.  Currently, the law requires websites with more than 100,000 visitors per day to require users to register with their real names.  In … Continue Reading

UK Government Opens a New Consultation on Access to Public Data

On 4 August, 2011, the Cabinet Office of the UK Government opened a new public consultation on disclosure and access to public sector data.  The consultation, which seeks to “establish a culture of openness” in the public sector, comes soon after a statement from the ICO suggesting that public sector organisations should respond to Freedom of … Continue Reading

Commission Launches Enforcement Proceedings Against 20 Member States on “Cookie” Rules

On July 19, 2011, the European Commission announced that it sent formal requests for further information to 20 Member States regarding their failure to implement the EU’s new package of telecoms rules.  The rules, which include amendments to the E-Privacy Directive to create new consent requirements for the use of most web cookies, were required to … Continue Reading

Working Party 29 Releases New Opinion on the Meaning of “Consent”

w consents can be given over Bluetooth advertising boards; consents for employee pictures to be posted to company intranets;  consents regarding electronic health records and full body security scanners; and consents given during the use of an online social network; among others. Written partly in response to a Commission request, the Opinion will no doubt … Continue Reading

European Parliament Approves Report on Privacy Reform

The European Parliament approved the report of rapporteur Axel Voss yesterday.  Titled “Personal data protection in the European Union”, the report endorsed the Commission’s aim of reforming the Data Protection Directive (95/46/EC) and suggested specific directions for the upcoming reform.  Among other positions explored by the report, the European Parliament: Repeated calls for more regulation … Continue Reading

Working Party 29 Issues New Opinion on Prevention of Money Laundering and Terrorist Financing

Earlier this week the European group of national data protection authorities, collectively the Working Party 29 (“WP 29”), released a new opinion on data protection issues relating to the prevention of money laundering and terrorist financing.  The new paper features a slew of new recommendations from the WP 29 that are designed to enhance privacy … Continue Reading

On First Day of New UK Cookie Rules, ICO Issues a 1-year Moratorium on Enforcement

Late yesterday the UK ICO issued a new press release and guidance on its plans to enforce the new UK “cookie regulation,” which was enacted by the UK Government to implement the EU’s e-Privacy Directive.   The new release, which follows previous ICO guidance outlining how businesses might comply with the new rules (see my previous post), declared that the ICO … Continue Reading

Article 29 Working Party Releases Opinion on Geo-Location Data for Smart Mobile Devices

On Monday, the Article 29 Working Party released its new Opinion on geo-location data collection and processing in smart mobile devices.  The paper comes on the heels of a recent furor over the extent to which smart phones collect, process and transmit location data without the full knowledge and consent of the phone’s users.  It represents the first … Continue Reading

New Privacy and Data Security Events Spur New EU Investigations

Smartphone Location Data Last week two UK-based researchers revealed that Apple iPhones record location-based data in an unencrypted file stored on each phone. The information, gleaned from WiFi routers and cellular towers within the phone’s signal range, has been collected without the knowledge of the phones’ owners, and would allow Apple to track each phone’s … Continue Reading

EU Working Party 29 Publishes New Series of Opinions

The EU Art 29. Working Party finished its 80th plenary meeting in Brussels last week.  This week, the Party released a series of new policy opinions produced during the plenary.  The highlights included: A declaration that, in WP 29’s opinion, New Zealand’s data protection regime is now “adequate” for the purposes of international data transfer.  This opinion will now be … Continue Reading

German Support for Czech Court Decision is a Further Setback for EU Data Retention Directive

On Tuesday the German Working Group on Data Retention endorsed the Czech Constitutional Court’s decision to annul a Czech data retention law.  The Czech court held that the law, which included a blanket obligation on telecommunication companies to retain Czech citizens’ telephone, mobile phone, e-mail and Internet access records, was incompatible with Czech citizens’ fundamental right … Continue Reading

EU Commissioner Reding expresses views on Data Protection Directive reform

At a hearing organized by the European People’s Party on March 31, EU Commissioner Reding lifted the veil on some of the business friendly measures the European Commission intends to propose in the revision of the Data Protection Directive.  While remaining vague on how many of these measures will be achieved, Ms. Reding highlighted five priorities:… Continue Reading

CNIL Imposes 100,000 Euro Fine on Google for Wi-Spi Activity

On March 17, the French data protection authority, the Commission nationale de l’informatique et des libertes (CNIL), imposed a 100,000 Euro fine on Google, for privacy violations arising from its collection of personal data with respect to its Street View product and its Latitude geolocation service.  This is the largest fine assessed by CNIL since … Continue Reading

UK Extends CAP Code Restrictions to Online Businesses

On March 1, the scope of the UK’s Code of Non-broadcast Advertising, Sales Promotion and Direct Marketing (“CAP Code”) was significantly expanded to apply to a variety of new technologies, including online social networks, online video advertisements, viral advertisements, in-game advertisements, and advertisements transmitted via web widgets, and online sales promotions and prize promotions.  The … Continue Reading

EU Commission Proposes Mandatory Transfer of Passenger Name Records

The European Commission has proposed a Passenger Name Record Directive that would require airlines to provide EU Member States with data on passengers arriving from, or departing to, countries outside the EU. Under the proposal, copies of such PNR data held on an airline’s reservation system would be transferred to a dedicated “Passenger Information Unit” … Continue Reading