Category: EU

EU: Data sharing with USA in terms of security and terrorism

29. November 2016

This week, Reuters reported that the European Parliament lawmakers supported a data-sharing agreement with the USA, which aims at safeguarding the data exchange between national authorities, in order to improve security and simplify investigations in terms of terrorism.

Basically, the agreement supports personal data such as names, addresses and criminal records in case an exchange by law enforcement agencies in both Europe and the USA takes place.

Axel Voss explained that “EU citizens will have the same rights as U.S. citizens when they seek judicial redress before U.S. courts. This is a major step for the enforcement of fundamental rights for EU citizens.”

What triggered the implementation of such an agreement?

After the mass spying in 2013 by the USA, which caused privacy concerns over the question “What do enforcement agencies with the gained data after colleting it?” the need to find a regulation concerning the gathering, sharing and storing of personal data became more important than ever.

What is the following process?

It is expected that the entire Parliament approves this agreement on the 1st of Dezember 2016. From then on, the respective ministers for justice and home affairs of the 28 European Member States have to sign off the agreement in the coming weeks.

INTERPOL suggests that governments share terrorists’ biometric data

11. November 2016

The IAPP just published an article saying that INTERPOL calls on governments around the world to share terrorists’ biometric data in order to increase global security.

This statement was issued by INTERPOL’s General Assembly saying that it currently possesses information about 9,000 terrorists. However, only 10 percent of these files include biometric information. INTERPOL’s Secretary General, Jürgen Stock, explaines that this can be seen as “a weak link” in the prevention of terrorism.

On one side, some countries – among these are multiple ASEAN countries – have taken big steps with regard to data sharing as they have recently agreed to share biometric data for the purposes of counter-terrorism. On the other side, many governments are still discussing how to handle biometric data domestically. So the sharing of data would be one step ahead.

However, governments worldwide becoming more and more interested in biometric security which might help to fight terrorism. The mentioned suggestion of INTERPOL might also increase this kind of cooperation.

 

The Article 29 Working Party talks about the EU-U.S. Umbrella Agreement

2. November 2016

The Article 29 Working Party published a statement on the EU-U.S. Umbrella agreement at the end of October.

On one side, the statement shows signs of support for the EU-U.S. Umbrella Agreement. However on the other side, it delivers recommendations in order to make sure that the agreement is compliant with European data protection law.

In general, the Article 29 Working Party supports the creaction of a general data protection framework in order for international data transfers to be compliant with national, European and international data protection laws.  Therefore, the Article 29 Working Party elaborates that the respective agreement “considerably strengthens the safeguards in existing law enforcement bilateral treaties with the U.S., some of which were concluded before the development of the EU data protection framework”. 

However, it is also mentioned that clarification is needed in terms of definitions, for example how to define personal data and data processing, due to the fact that European and U.S law have different opinions on what is meant by these terms.

Amendments to adequacy decisions and decisions on European Model Clauses?

25. October 2016

After a meeting of the Article 31 Committee, the European Commission disclosed two drafts concerning the implementation of amendments to the existing adequacy decisions and decisions on EU Model Clauses.

First of all, adequacy decisions determine whether a third country provides adequate safeguards in order to protect personal data. These decisions are made by the Commission after an assessment of the national laws and international commitments in terms of data protection of the respective country. In the following, countries which are established to be adequate are added to the Commission’s “white list”. Therefore, data transfers can be made from the EEA to that country without any further legal requirements.

The opinion concerning these amendments is divided. Some European Member States which participated at the Article 31 Committee meeting were for implemnting theses amendments. However, other European Member States requested more time in order to consider the proposed changes.

Due to this conflict another meeting has to be scheduled to which the  Article 29 Working Party will be aksed to contribute by presenting its views on the respective changes.

Spains DPA: Investigations due to WhatsApp sharing data with Facebook

10. October 2016

After Hamburg’s Data Protection Commissioner strongly recommended that Facebook should stop processing German data gained from WhatsApp, after the U.K. Information Commissioner, the ICO, also started to investigate the agreement betweent WhatsApp and Facebook and after Italy’s data protection authority, the Garante, has started to look into this issue, now Spain’s data protection authority, the AEPD, raises concerns.

Therefore, Spain’s data protection authority advises users to read the terms and conditions especially before accepting them. Furthermore, it offers guidance on changing the respective settings.

Centre for Information Policy Leadership just held GDPR workshop

6. October 2016

Last month, the CIPL held its second workshop in Paris as part of its two-year GDPR implementation project.

During this workshop almost 120 business delegates as well as 12 data protection authorities, four European Member State governments both the European Commission and the European Data Protection Supervisor, a non-DPA regulator and several academics and on top of all of the named above the IAPP participated in order to develop best practices and to build a bridge between authorities and economy.

This time, the workshop mainly focused both on the role of the data protection officers and on the privacy impact assessment, also called PIA.

In this context it was also announced that the Article 29 Working Party is going to release its first guidelines concerning the GDPR either before the end of the year or at the beginning of 2017. These guidelines will include advise on data portability and the role of the DPO. Furthermore, the Article 29 Working Party will also release guidance on risk, PIAs and certifications later on.

CISPE published Code of Conduct

5. October 2016

The Cloud Infrastructure Services Providers in Europe, CISPE, published a Data Protection Code of Conduct for Cloud Infrastructure Service Providers.

CISPE is a relatively new accosiation including more than 20 cloud infrastructure providers that operate within Europe.

The CISPE Code of Conduct focuses on transparency and compliance with EU data protection laws. Therefore, the CISPE Code of Conduct has been designed in such a way that it will be compliant with the GDPR coming into force in May 2018. The CISPE Code of Conduct has been built on internationally recognised state-of-the-art of security measures increasing the data security for cloud customers.

In the press release, Axelle Lemaire, French Minister for Digital Affairs and Innovation, commented that “The CISPE Code of Conduct show that the European cloud computing industry is capable to provide secure and compliant services for all personal and technical data in Europe and improve trust in digital services.”

Dropbox: new server location in Germany

27. September 2016

Heise online released an article last week talking about a new possibility for Dropbox users, namely to select a German server location.

As already announced, EU citizens are now able to save their data on a server located in Germany. However, this new storage possibility is only available for business use so far. The requirement is that more than 250 employees use Dropbox. Therefore, the new server location is not applicable for private use.

However, Dropbox did not build the new server location on its own. In fact, the infrastucture is provided by Amazon though AWS.

 

No liability for free Wifi providers

16. September 2016

The European Court of Justice decided that free Wifi providers are not liable for illegal downloads.

The decision is based on a case between Sony and a German shop owner. Sony sued the German shop owner due to the fact that an internet user unlawfully offered music downloads by using the shop’s free Wifi. Although the case originated in Munich, the judges referred the issue to the European Court of Justice.

The European Court of Justice then found that free Wifi is provided by companies in order to attract potential customers. Therefore, they cannot be held liable for illegal acts committed by others using this respective internet network.

Furthermore, Sony can not claim compensation or seek reimbursement for its court costs.

Nevertheless, the European Court of Justice ruled that Sony could demand internet connections to be password protected, so that a user is required to identify himself before accessing the Wifi.

 

 

Category: EU · European Court of Justice
Tags: ,

German Draft Act concerning the adaption of the upcoming GDPR

14. September 2016

The German Minister of Interior just released a Draft Act concerning the adaptipon of  the General Data Protection Regulation (GDPR), which will come into force in 2018.

However, netzpolitik.org published an article dealing with the critics about the respective draft, which have a crushing impact. Especially, both the Minister of Justice and the Federal Data Protection Officer released statements raising concerns. They worry that due to the Draft Act the data protection level will decrease in Germany so that in the end it will be less than before the GDPR.

Pages: Prev 1 2 3 4 5 6 7 8 9 10 11 12 Next
1 5 6 7 8 9 12