EU-U.S. Interoperability Not Ready for Prime Time

Posted on March 23, 2012 by Hunton & Williams LLP

On March 19, 2012, the European Commission hosted this year’s Safe Harbor Conference in Washington, D.C., to address the transfer of data from Europe to the United States. Although it appears the Safe Harbor framework will remain unchanged for the time being, it seems unlikely the United States will be considered adequate, or even interoperable, with the EU for purposes of cross-border data transfers.

Continue reading…

Tags: , , , , , , ,

ICC Issues Policy Statement on Issues Related to Cross-Border Law Enforcement Access to Company Data

Posted on March 22, 2012 by Hunton & Williams LLP

On March 20, 2012, the International Chamber of Commerce (the “ICC”) released a policy statement entitled “Cross-border law enforcement access to company data – current issues under data protection and privacy law.” The text of the ICC press release quoting Hunton & Williams Brussels partner Christopher Kuner, Chair of the ICC Task Force on Protection of Personal Data and Privacy, is reproduced below.

The International Chamber of Commerce (ICC) has issued a policy statement pointing out conflicts that can arise between law enforcement requirements and privacy commitments when governments seek access to personal data held by companies across national borders.

Entitled “Cross-border law enforcement access to company data – current issues under data protection and privacy law”, the statement analyses the issues that can arise in such situations, and makes recommendations that can help ensure respect for both law enforcement interests and those under data protection and privacy laws and commitments.

“Companies that process data in different countries are facing increasing government pressure to comply with law enforcement and regulatory requests that may conflict both with data protection and privacy laws in other countries in which they operate, and with consumer expectations and commitments to business partners,” said Christopher Kuner, Chair of the Task Force on Protection of Personal Data and Privacy, established by the ICC Commission on the Digital Economy.

“While some countries or regions have legal frameworks for reconciling law enforcement requirements with requirements under data protection and privacy law, many do not, and this can cause companies major problems,” Mr Kuner added. “These sorts of problems are only increasing, given the growth in trans-border data flows.”

Such problems can include conflict with privacy and data protection laws; the violation of commitments to individuals, employees and/or customers; the risk of causing political tensions; and the negative impact a conflict of laws can have on companies’ decisions to invest in certain countries, thus impeding the flow of international commerce.

Drawn up by the ICC Task Force on Protection of Personal Data and Privacy, the statement aims to point out to governments and law enforcement authorities the conflicting requirements many companies are expected to meet; to make recommendations to allow these requirements to be reconciled, and thus to strengthen the flow of global commerce by giving companies the increased legal security they need.

“Implementation of the policy recommendations would allow for improved compliance with legitimate public and law enforcement requests, and would permit companies to better cope with conflicting legal obligations, promote compliance with data protection and privacy laws in general, and ultimately strengthen the flow of international commerce by giving companies increased legal security to plan further investments,” Mr Kuner said.

The ICC statement represents the participation of 95 companies, organizations and ICC national committees in 25 countries worldwide.

Read the full policy statement.

Tags: ,

2012 IAPP Global Privacy Summit

Posted on March 6, 2012 by Hunton & Williams LLP

Join us at the International Association of Privacy Professionals (“IAPP”) Global Privacy Summit in Washington, D.C., March 7-9, 2012. Hunton & Williams privacy professionals will be featured speakers in the following sessions:

  • Mending Fences after a Breach
    Thursday, March 8, 12:15 p.m.
    Speakers include: Lisa J. Sotto, partner and head of the Global Privacy and Data Security practice, Hunton & Williams LLP; Susan Grant, Director of Consumer Protection, Consumer Federation of America; and Joanne B. McNabb, Chief, California Office of Privacy Protection. Continue reading…
Tags: , , , , , , , , , , , , , , , , , ,

German Federal Constitutional Court Restricts Access to User Data for Law Enforcement Purposes

Posted on March 1, 2012 by Hunton & Williams LLP

On February 24, 2012, the German Federal Constitutional Court (Bundesverfassungsgericht) ruled that certain provisions in the Federal Telecommunications Act concerning the disclosure of telecom user data to law enforcement agencies violate the German constitution. The Court held that strict conditions apply when law enforcement authorities and intelligence agencies ask telecommunications service providers (which may include hospitals and hotels) to turn over certain user data, i.e. passwords and PIN codes.

Continue reading…

Tags: , ,

American Bar Association Asks Courts to Consider Foreign Privacy Laws

Posted on February 24, 2012 by Hunton & Williams LLP

The American Bar Association’s (“ABA’s”) House of Delegates adopted a non-binding resolution urging courts to consider foreign data protection and privacy laws when resolving discovery issues. The full text of the resolution is as follows:

“RESOLVED, That the American Bar Association urges that, where possible in the context of the proceedings before them, U.S. federal, state, territorial, tribal and local courts consider and respect, as appropriate, the data protection and privacy laws of any applicable foreign sovereign, and the interests of any person who is subject to or benefits from such laws, with regard to data sought in discovery in civil litigation.”

Continue reading…

Tags: , , , , , , , ,

European Court of Justice Sets Criteria for Balancing Privacy Rights and Copyrights in the Social Networking Context

Posted on February 17, 2012 by Hunton & Williams LLP

On February 16, 2012, the European Court of Justice held in the SABAM vs. Netlog case (C-360/10) that imposing an obligation on social networks to install a “general filtering system” to prevent all users from sharing copyrighted music is disproportionate to the extent that such filters may infringe on user privacy rights or block lawful communications. SABAM, a Belgian copyright association, had filed an injunction against social network provider Netlog that would have required Netlog to install filtering systems to prevent copyright infringements by Netlog users. The Belgian court deciding on the injunction requested a preliminary ruling from the ECJ.

Continue reading…

Tags: , ,

Article 29 Working Party Issues Guidance on European Patients Smart Open Services

Posted on February 14, 2012 by Hunton & Williams LLP

On January 25, 2012, the Article 29 Working Party (the “Working Party”) issued a Working Document providing guidance on data protection issues relating to the European Patients Smart Open Services (“epSOS”) project. epSOS is a pilot project focused on developing an information and communications technology infrastructure that enables access to patient health information (i.e., Patient Summaries) among different EU Member States for the purpose of providing medical treatment. The project also aims to facilitate the cross-border use of electronic prescriptions (i.e., ePrescriptions). epSOS involves the collaboration of a significant number of health care provider organizations and companies that contribute their knowledge and expertise to the project.

Continue reading…

Tags: , , , , ,

UK Ministry of Justice Opens Call for Evidence on European Commission’s Proposed Regulation and Directive

Posted on February 7, 2012 by Hunton & Williams LLP

On February 7, 2012, the UK Ministry of Justice launched its Call for Evidence on the European Commission’s proposed general data protection regulation and criminal justice data protection directive (the “Proposals”). The Ministry is looking to gain perspective and solicit feedback on how the Proposals likely would impact organizations and individuals in the UK.

Continue reading…

Tags: , , , ,

UK ICO Issues Revised Guidance on Fines

Posted on February 7, 2012 by Hunton & Williams LLP

Monetary penalties are one mechanism in a suite of tools that the UK Information Commissioner’s Office (“ICO”) uses to encourage compliance with data protection regulations. The ICO generally uses monetary penalties to sanction deliberate or negligent breaches of the law, but the purpose is not to impose financial hardship but rather to “act as an encouragement towards compliance, or at least as a deterrent against non-compliance.” The following is a brief overview of the ICO’s authority to issue monetary penalties. Continue reading…

Tags: , , ,

Hunton & Williams Partner Publishes Comprehensive Analysis of EU Data Protection Regulation Reform Proposal

Posted on February 6, 2012 by Hunton & Williams LLP

Christopher Kuner, partner in the Brussels office of Hunton & Williams, has published an article providing an exhaustive analysis of the European Commission’s proposed Data Protection Regulation reform package, which was released on January 25, 2012. The article, which appears in the February 6 issue of the BNA Privacy Law Watch, discusses the background and genesis of the proposal, analyzes the provisions of greatest interest to the private sector, and draws conclusions about the proposed reform package’s impact and future as it enters the EU legislative process.

Read the full text of Kuner’s article, The European Commission’s Proposed Data Protection Regulation: A Copernican Revolution in European Data Protection Law.

Tags: ,