Privacy

6 June 2012 at 11:14am

Data Protection Proposal: Cloud Computing

Andrew Cormack
Cloud computing
Data Protection Regulation
Privacy
Cloud computing, whose whole point is to be independent of geography, does not fit comfortably into current data protection law. The Commission’s new proposal at least shows signs that clouds were a use case that was considered during drafting, so it is more obvious which provisions apply to them. These seem to offer a mixture of carrots and sticks to try to bring clouds within the European data protection regime.
Read more
6 June 2012 at 11:13am

Data Protection Proposal: Incident Response

Andrew Cormack
Data Protection Regulation
Privacy
incident response
The Commission's proposed Data Protection Regulation seems very positive for Incident Response. Indeed Recital 39 explicitly supports the work of Incident Response Teams:
Read more
25 June 2015 at 4:25pm

Europe's Data Protection Proposal

Andrew Cormack
Access Management
Breach Notification
Cloud computing
Data Protection Regulation
Privacy
incident response
Last week the European Commission published their proposed new Data Protection legislation. This will now be discussed and probably amended by the European Parliament and Council of Ministers before it becomes law, a process that most commentators expect to take at least two years. There's a lot in the proposal so this post will just cover the general themes.
Read more
6 June 2012 at 11:10am

More Cookie Advice

Andrew Cormack
Cookies
Privacy
ePrivacy Directive
The Information Commissioner's updated guidance on cookies contains helpful examples and a useful clarifications on cookies not directly linked to a user service (I'm reassured that the Commissioner seems to be heading for the same categories as I came up with).
Read more
6 June 2012 at 11:09am

Leak hints at direction of Data Protection revision

Andrew Cormack
Data Protection Regulation
Privacy
Statewatch have published what appears to be a leaked draft of Commission ideas for revised data protection legislation.
Read more
6 June 2012 at 11:06am

Processing personal data for third party interests

Andrew Cormack
Access Management
Data Protection Directive
Privacy
incident response
An interesting reminder from the European Court of Justice (ECJ) that the Data Protection Directive (95/46/EC) is supposed to make processing and exchanging personal data easier as well as safer.
Read more
6 June 2012 at 11:06am

Cookies: Multi-national Guidance

Andrew Cormack
Cookies
Privacy
ePrivacy Directive
I've been looking around to see what information other countries' authorities are providing about the new EC cookie regulations.
Read more
6 June 2012 at 11:04am

Network Neutrality - a Privacy Issue

Andrew Cormack
Network Neutrality
Privacy
ePrivacy Directive
internet filtering
The European Data Protection Supervisor (EDPS) has published an Opinion on the current Network Neutrality discussions, making the interesting point that blocking, filtering and traffic management activities may affect privacy as well as their more obvious impact on access to services.
Read more
6 June 2012 at 11:03am

Privacy and Incident Response

Andrew Cormack
CSIRT
Data Protection Directive
Privacy
incident response
At a meeting of TERENA's CSIRT Task Force last week, I presented an updated version of my paper on Privacy and Incident Response.
Read more
6 June 2012 at 10:58am

Article 29WP on Cookies

Andrew Cormack
Cookies
Privacy
ePrivacy Directive
Although its main concern is the more general application of consent to data processing a new Opinion from the Article 29 Working Party also provides the first positive hint I’ve seen from regulators on what they think an acceptable cookie interface might look like. Although this is a helpful development – statements from other regulators have mostly concerned what was not acceptable – their ideas still seem to raise significant technical and legal issues.
Read more
Subscribe to Privacy