Tag Archives: Data Processor

Article 29 Working Party Opines on Proposed EU Data Protection Law Reform Package

Posted on March 30, 2012 by Hunton & Williams LLP

On March 23, 2012, the Article 29 Working Party (the “Working Party”) adopted an Opinion on the European Commission’s data protection law reform proposals, including the draft Regulation that is of particular importance for businesses. The Working Party’s Opinion serves as the national data protection authorities’ contribution to the legislative process before the European Parliament and the European Council.

Tags: Accountability, Article 29 Working Party, Binding Corporate Rules, Cookies, Data Controller, Data Processor, Data Protection Authority, Data Transfer, EU Data Protection Directive, EU Member States, European Commission, IP Address, Privacy By Design, Right to be Forgotten, Safe Harbor

Philippines Passes Omnibus Data Protection Law

Posted on March 22, 2012 by Hunton & Williams LLP

On March 20, 2012, the Senate of the Philippines unanimously approved the omnibus Data Privacy Act of 2011, also known as “An Act Protecting Individual Personal Information in Information and Communications Systems in the Government and the Private Sector, Creating for This Purpose a National Data Protection Commission, and for Other Purposes” (S.B. 2965). Once signed into law, the legislation will impose a privacy regime modeled on the EU Data Protection Directive. It features significant notice, consent and data breach notification requirements, and it imposes direct obligations on both data controllers and data processors. The law will create a National Privacy Commission with authority to monitor compliance and recommend to the Department of Justice the imposition of penalties for noncompliance, including imprisonment and fines.

Although the bill does not contain cross-border data transfer restrictions, the law will apply to certain foreign processing of personal information about Philippine residents. In an apparent effort to protect the domestic outsourcing industry, however, the law will not apply to “personal information originally collected from residents of foreign jurisdictions in accordance with the laws of those foreign jurisdictions, including any applicable data privacy laws, which is being processed in the Philippines.”

Tags: APEC, Cross-Border Data Flow, Data Controller, Data Processor, EU Data Protection Directive, Legislation, Outsourcing, Philippines

ICO Welcomes European Commission’s Proposed Data Protection Regulation Reforms

Posted on January 31, 2012 by Hunton & Williams LLP

On January 25, 2012, the European Commission released a data protection law reform package, including its proposed General Data Protection Regulation (the “Proposed Regulation”). The UK Information Commissioner’s Office (“ICO”) has reacted positively to the Proposed Regulation, in particular commending efforts to strengthen the rights of individuals, the recognition of important privacy concepts such as privacy by design and privacy impact assessments, and new accountability requirements to ensure organizations properly demonstrate and document their data protection safeguards and procedures.

Tags: Accountability, Christopher Graham, Data Processor, Data Protection Act, Data Transfer, EU Data Protection Directive, European Commission, Information Commissioners Office, Privacy By Design, United Kingdom

European Commission Drafts to Reform the EU Data Protection Framework Enter Interservice Consultation

Posted on December 6, 2011 by Hunton & Williams LLP

In early December 2011, drafts of two legal instruments prepared by DG Justice of the European Commission to reform the EU data protection framework entered interservice consultation. This process will give other Directorates-General of the Commission the opportunity to comment on the drafts before they are formally released as legislative proposals; accordingly, changes to the drafts are likely. Following this comment period, the drafts will enter the EU legislative process, which is likely to take at least two to three years before they become law. It is believed that Justice Commissioner and Commission Vice-President Viviane Reding will formally announce final versions of the drafts at an appearance at the World Economic Forum in late January 2012.

Tags: Article 29 Working Party, Binding Corporate Rules, Data Controller, Data Processor, Data Protection Authority, EU Data Protection Directive, European Commission, European Data Protection Supervisor, European Parliament, Opt-In Consent, Viviane Reding

French Data Protection Authority Launches Public Consultation on Cloud Computing

Posted on October 17, 2011 by Hunton & Williams LLP

On October 17, 2011, the French Data Protection Authority (the “CNIL”) launched a public consultation on cloud computing (the “Consultation”). The Consultation seeks to gather opinions from stakeholders (clients, providers, consultants) regarding cloud computing services for businesses, to identify legal and technical solutions that address data protection concerns while taking into account the economic interests involved.

Tags: Cloud Computing, CNIL, Data Processor, Data Protection Authority, Data Transfer, EU Member States, France

Singapore Information Ministry Solicits Comments on Proposed Data Privacy Framework

Posted on October 11, 2011 by Hunton & Williams LLP

On September 13, 2011, the Singapore Ministry of Information, Communications and the Arts (the “Ministry”) published a Proposed Consumer Data Protection Regime for Singapore, outlining possible ideas for a data privacy framework and soliciting comments from the public. A few of the suggestions from the Ministry’s proposal that appear most likely to be reflected in a final data privacy law are outlined below.

Tags: APEC, Cross-Border Data Flow, Data Processor, Singapore

Colombian Data Protection Law Approved by Constitutional Court

Posted on October 10, 2011 by Hunton & Williams LLP

On October 7, 2011, the Constitutional Court of Colombia approved a landmark omnibus data protection law. According to its press release, the Court approved almost all provisions in the legislation, known as Ley estatutaria No. 184/ 10 Senado, 046/10 Cámara, but it took issue with Article 27 (which addresses the government’s processing of certain data), Article 29 (which addresses the expunging of certain criminal records) and Articles 30 and 31 (which both address intelligence and counterintelligence databases). Many of the remaining provisions reflect a strong European influence. Some highlights include:

With certain exceptions, the law prohibits the processing of personal data without the data subject’s prior consent. When the personal data are sensitive data (e.g., health data), the consent must take the form of an explicit authorization.
The law permits cross-border transfers of personal data to countries that lack adequate data protection laws only in specified circumstances, such as (1) when the data subject has given express and unequivocal consent for the transfer (2) the transfer is necessary for the performance of a contract between the data subject and the data controller, or (3) with the approval of the Superintendence of Industry and Commerce.
The processing of children’s personal data is generally prohibited.
Data subjects have access rights.

Tags: Colombia, Cross-Border Data Flow, Data Controller, Data Processor, Latin America, Legislation

Angola Passes Personal Data Protection Law

Posted on September 19, 2011 by Hunton & Williams LLP

On June 17, 2011, the National Assembly of the Republic of Angola passed Law 22/11 on Personal Data Protection. The omnibus privacy legislation applies to the automated and non-automated processing of personal data by controllers based or operating in Angola, or subject to, or using equipment governed by, Angola’s laws. Some highlights of the law are listed below.
Continue reading…

Tags: Adequacy, Angola, Data Controller, Data Processor, Data Transfer, Legislation, Video Surveillance

Privacy and Information Security Law Blog - Global privacy and information security law updates and analysis

Tag Archives: Data Processor

Article 29 Working Party Opines on Proposed EU Data Protection Law Reform Package

Philippines Passes Omnibus Data Protection Law

ICO Welcomes European Commission’s Proposed Data Protection Regulation Reforms

Singapore Information Ministry Solicits Comments on Proposed Data Privacy Framework

Colombian Data Protection Law Approved by Constitutional Court

Angola Passes Personal Data Protection Law

Published By Hunton & Williams

Search

Subscribe

Topics

Recent Updates

Blogroll

Privacy News