EU Directive 2009/136/EC of the European Parliament and of the Council

of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection […]

Article 29 Data Protection Working Party, Opinion 05/2009 on Social Networking

Opinion 05/2009 on Social Networking,01189/09/EN, WP 163 Opinion’s Executive Summary “This Opinion focuses on how the operation of social networking sites can meet the requirements of EU data protection legislation. It principally is intended to provide guidance to SNS providers on the measures that need to be in place to ensure compliance with EU law. The Opinion notes […]

Article 29 Data Protection Working Party, Working Document setting up a framework for the structure of Binding Corporate Rules

From the Introduction: “To try and further assist and guide organisations in developing BCRs the Working Party has developed the attached framework which is a suggestion of what the BCRs might look like when incorporating all of the necessary elements identified in documents WP 74 and WP 108.”   Relevant Law: Directive 95/46/EC, Article 26(2); Documents WP […]

Article 29 Data Protection Working Party, Working Document on Frequently Asked Questions (FAQs) related to Binding Corporate Rules

From the Working Document: “The working party/Data Protection Authorities have published these FAQs in light of their experience of the applications made for approval of BCRs and enquiries received about the interpretation of documents WP 74  and WP 108. The FAQs are intended to clarify particular requirements for applicants in order to assist them in […]

Autorità Garante della Privacy (Italian Data Protection Authority) decision issued on 24 May 2006, doc. web n. 1299063

Topic: Release of university researchers’ personal data Diffusione di dati personali sulla vita privata di ricercatori universitari – 24 maggio 2006 “Ai sensi degli artt. 143, comma 1, lett. c) e 154, comma 1, lett. d) del Codice, vieta ai titolari del trattamento effettuato mediante diffusione sulle pagine webwww.covoprieca.com/controinformazione/casicovoprieca/vivisezione/indirizzivivisettori.htm, www.olocausto2000.it/lab_cri, ewww.sezione150.it/site/article_read.asp?id=104, così come individuati alle lettere c), d) […]

Asian-Pacific Economic Cooperation, Data Privacy

APEC Data Privacy Pathfinder (Sept 2007): “established by APEC Ministers to achieve accountable cross-border flow of personal information within the APEC region. This goal is to be achieved by developing and implementing a Cross-Border Privacy Rules (CBPR) system, consistent with the APEC Privacy Framework which was endorsed by APEC Ministers in 2004″. APEC Privacy Framework (published […]

European Court of Justice, Joined cases C-317/04 and C-318/04 – Opinion of Advocate General Léger

From the Opinion: “38.      The Community legislature also wished that the protective regime thus established should not be impaired when personal data leave Community territory. It became apparent that the international dimension of information flows  would render legislation that was effective only in that territory inadequate if not useless. The Community legislature therefore opted for a […]

Article 29 Data Protection Working Party, Working Document Establishing a Model Checklist Application for Approval of Binding Corporate Rules

From the Working Document: “This checklist is designed to assist a group of companies when it applies for approval of its binding corporate rules and in particular to help demonstrate how the group complies with WP74.”   Relevant Law: Directive 95/46/EC, Article 26(2); Documents WP 74 The full text available at http://ec.europa.eu… Open pdf

European Commission Decision 2004/915/EC, amending Decision 2001/497/EC

From the Decision: “This decision amends Commission Decision 2001/497/EC of 15 June 2001 on standard contractual clauses for the transfer of personal data to third countries under Directive 95/46/EC for the purpose of laying down an effective model set of standard contractual clauses which ensures adequate safeguards for the transfer of data to third countries.” […]