Category: Data Protection

I have been rather ambivalent about the debate about consent in the Directive 95/46/EC and the proposed replacement Regulation (if it happens). However the antics of the Insurance Industry in the UK in relation to subject access have convinced me that the European Parliament’s approach towards consent needs supporting. So what has the Insurance Industry done to deserve reproach? Well it has continued with its practice of asking, when needed, the data subject to consent to subject access to their

Google has received all kinds of plaudits for quickly introducing its “right to be forgotten” procedure; however from what I have read in the press, its procedure for the removal of URLs is not fit for purpose. In this blog, I explain why Google’s procedure appears to be so defective. So, for the sake of argument, let’s assume that you want to have a URL removed for whatever reason. As I explained in my previous blogs (see references), this will

A tsunami of misinformation has overwhelmed the ECJ’s ruling on Google: high-tech corporate America, NGOs and parts of the UK media are claiming that the judgement constitutes shocking defeat for the concept of freedom of expression. In support of this claim, these organisations are publishing statements that are simply not true. This blog reviews this coverage in the hope that in this sea of error, a life-raft of objectivity can continue to float on the surface. The rhetoric The UK

  Yesterday’s European Court of Justice (ECJ) Ruling which established that Google was a data controller because its search engines processed personal data has been widely reported as establishing an automatic “right to be forgotten”. This view is incorrect and in this blog, I explain why. Also overlooked in the furore is the simple matter of the right to object to marketing; this has the potential to be far more problematic for Google’s business model. The ECJ Judgment First I

Am I the only one that is increasingly worried about the uncontrolled use of DNA as a biometric identifier for security devices and log-on routines? These are being introduced as part of the next development in tablets and mobile phones like the iPhone. It all started five years ago in the USA when Yale, one of the world’s leading lock-makers, started experimenting with a kind of spittoon attached to a DNA analyser and one of its advanced electronic industrial locks.

  An analysis of Section 28 Certificates issued by the previous Labour Government shows that the exemptions for the national security function are excessive. The recent publication of a “memorandum of understanding” and analysis of the TfL Certificate (last week’s blog) shows that the current Government has continued this policy. It is my view, that if the national security agencies were required to apply the data protection principles, subject to appropriate exemptions and an effective system of regulation (not necessarily