Category: News

Last week I wrote about the leaked draft of the Regulation that is to replace Directive 95/46/EC. This week’s leak is the Directive that extends data protection to Europe's law enforcement agencies. ("Proposal for a Directive on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of crime”). This Directive has one main objective: data sharing between Europe's law enforcement

The first impression of this leaked text is that this version of the Regulation is more prescriptive than Directive 95/46/EC and will get up most data controllers and Governmental noses. I think the text makes far too many fundamental changes than can be reasonably done via a Regulation (which has three times as many Articles as the Directive it replaces). And this conclusion is from someone who thinks changes to the UK data protection regime are badly needed (see references). I think this

It's very rare that I post another blog, but this is a rare event indeed: a data subject has taken successful action for compensation under section 13 of the Data Protection Act. Normally what happens if a data controller has caused damage, there is an out-of-court settlement with a gagging (sorry “confidentiality”) clause so no-one is the wiser. The claimant brought an action following an unauthorised disclosure of his personal medical data, in or about December 2007. The partner of

The last Labour Government did it in spades and now the Coalition has followed suit. What is “it”? Why enacting legislation that grants Ministers wide ranging and unchecked powers concerning the processing of personal data of course. Don't worry: it's just our health records. About two weeks ago, a colleague at the British Computer Society asked me a simple question: “Does the Health and Social Care Bill, currently before Parliament, permit medical research without patient consent?”. Having waded through 400

The EU Justice Commissioner Viviane Reding, Vice-President of the European Commission, and the German Federal Minister for Consumer Protection, Ilse Aigner, have come forward with a joint statement claiming that proposals to reform the 1995 Data Protection Directive will be published by the end of January 2012. I have annotated their statement with obvious comments that have come to mind. It is clear that their promise for “to achieve a robust data protection framework for Europe's internal market that can successfully

I have just delivered a talk at today's NADPO conference and was followed by Jonathan Bamford, Head of Strategic Liaison, at the ICO’s office. A few things he said I was unaware of – so here goes. The ICO is concerned that the CCTV/ANPR provisions in the Freedoms Bill are limited to police and local authorities whereas CCTV and ANPR technology is widely used by others (e.g. in private car parks), and in an equally potentially invasive way. I got

A woman is injured falling down on a bus in Dublin; CCTV images record the event. If the woman applies for subject access, does she get the images? That was the question before the Irish Court, as the bus company refused access because the woman might be seeking compensation. Why should this interest UK readers; well because Counsel for the Dublin Bus Company trotted out the Court of Appeal decision in Durant (which of course is the equivalent of waiving