John Leonard, Computing, Saturday, May 28, 2016
odel contract clauses, the data transfer mechanism deployed by multinational companies like Facebook, Amazon and Google to ship personal data from the EU to the US as an alternative to the now-defunct Safe Harbour framework, look to be in trouble. Irish data protection authorities have warned that model contract clauses are potentially in breach of EU regulations. The Irish Data Protection Commissioner (IDPC) has suggested that the European Court of Justice (ECJ), the same body that invalidated Safe Harbour, should look into the matter.
Stephen Dockery, Wall Street Journal, Thursday, May 26, 2016
The U.S. is promoting the Asia-Pacific Economic Cooperation data transfer agreement as an alternative to the powerful European Union model that is causing American regulators such headaches, a Department of Commerce official said Tuesday. Announced in 2011, APEC’s cross-border privacy rules offer a standard template for data transfers in the organization’s 21 member countries.
Jennifer Baker, IAPP Privacy Tracker, Thursday, May 26, 2016
The fate of Privacy Shield will hang in the balance until at least June 20 as national representatives remain in talks. The Privacy Advisor has learned the Article 31 committee has scheduled at least two further meetings to discuss Privacy Shield after it failed to reach an agreement last week, sources confirmed.
Sam Schechner, Wall Street Journal, Wednesday, May 25, 2016
One of the last legal methods that companies have to store Europeans’ data—everything from Swedish salary files to Spanish selfies—on servers in the U.S. was thrust deeper into limbo Wednesday when a privacy regulator said it would ask Europe’s top court to review its legality. The Irish Data Protection Commissioner’s office said it plans to ask the European Union’s Court of Justice to review backup contractual language that Facebook Inc. and thousands of other companies use to justify sending personal information about Europeans to the United States. The same court last year invalidated the main legal framework the companies had used to do so.
Lothar Determann, Bloomberg BNA, Wednesday, May 25, 2016
Since Oct. 6, national data protection authorities in the EEA rushed to issue inconsistent and unclear guidance to local companies that do business with the U.S. Chaos ensued and numerous myths were added to ones that had previously surrounded the Safe Harbor Program:
Brenda Leong, Brookings, Tuesday, May 24, 2016
In the last two years, there has been a perfect storm on the topic of student data privacy. The role of technology within schools expanded at an unprecedented rate, general awareness of consumer data security and breaches increased, and student databases at the state or national level were established or proposed, which drew great public scrutiny and fear. This maelstrom yielded a tremendous output of legislative activity targeted at education technology companies, that was overwhelmingly focused on protecting and limiting the sharing and use of student data—in rare instances, to the point of forbidding research uses almost completely. There are signs that this wave of fear-driven response has finally crested, and that more measured conversations are occurring; conversations that prioritize the fundamental requirement for appropriate privacy and security, but with a clear focus on the invaluable role of research and analysis and the need to enable it.
Alexander J Martin, The Register, Monday, May 23, 2016
Ministers from half of the European Union's 28 member states have signed a letter asking the EU Commission to drop its “barriers to the free flow of data”. The letter was sent to the EU's digitally focused folk ahead of Wednesday, when the commission will publish the findings of its inquiry into online platforms (“search engines, social media, knowledge and video sharing websites, app stores, etc.”) which took place after the publication of the EU's Digital Single Market Strategy last year. Essentially something of a cry against the EU's data protection legislation, the letter is signed by ministers from Belgium, Bulgaria, Czech Republic, Denmark, Estonia, Finland, Great Britain, Ireland, Latvia, Luxembourg, Lithuania, Poland, Slovenia and Sweden.
Jamie Carter, Tech Radar, Monday, May 23, 2016
After a long wait while bureaucrats worked out the details of new EU data protection law, the European General Data Protection Regulation (GDPR) is here – or at least, it will be in two years. In the wake of Safe Harbour and Privacy Shield, the latest data sharing agreement between the EU and the United States, the GDPR affects all businesses processing personal data, but how?
George Lynch, Bloomberg BNA, Monday, May 23, 2016
The proliferation of surveillance laws around the world have placed multinational companies between the demands of privacy-conscious consumers and increasing data access requests from governments, leaving them to figure out how to comply. Bloomberg BNA Privacy & Data Security News Senior Legal Editor George R. Lynch posed a series of questions to Lothar Determann, a partner in the Global Privacy & Information Management Working Group at Baker & McKenzie LLP in Palo Alto, Calif. on global surveillance laws and how multinational companies should navigate the maze.
Melanie Bates, Future of Privacy Forum, Monday, May 23, 2016
Today, the Future of Privacy Forum (FPF) and ConnectSafely are releasing the Educator’s Guide to Student Data Privacy. Technology tools and applications are changing the way schools and teachers educate students across the country. New resources are making it easier for teachers and students to communicate in and outside of the classroom making learning a 24/7 activity. When schools use technology, a student’s personal information is often collected and shared for the purpose of furthering their education. The Educator’s Guide will help teachers utilize technology in the classroom responsibly and protect their students’ privacy, explaining among other things...