Categories
Articles

Data Protection Proposal: Federated Access Management

The European Commission’s proposed Data Protection Regulation supports recent thinking in moving away from using consent as a basis for federated access management systems. The consent of the data subject is still one of the legitimate grounds for processing personal data but it cannot be used “where there is a significant imbalance” between the organisation […]

Categories
Articles

Data Protection Proposal: Privacy Breaches

In dealing with breaches of privacy the Commission’s enthusiasm to protect and reassure Internet users seems to run the risk of having the opposite effect. Article 4(9) of the proposed Regulation defines ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, […]

Categories
Articles

Data Protection Proposal: Cloud Computing

Cloud computing, whose whole point is to be independent of geography, does not fit comfortably into current data protection law. The Commission’s new proposal at least shows signs that clouds were a use case that was considered during drafting, so it is more obvious which provisions apply to them. These seem to offer a mixture […]

Categories
Articles

Data Protection Proposal: Incident Response

The Commission’s proposed Data Protection Regulation seems very positive for Incident Response. Indeed Recital 39 explicitly supports the work of Incident Response Teams: The processing of data to the extent strictly necessary for the purposes of ensuring network and information security … by public authorities, Computer Emergency Response Teams … providers of electronic communications networks […]

Categories
Articles

Europe’s Data Protection Proposal

Last week the European Commission published their proposed new Data Protection legislation. This will now be discussed and probably amended by the European Parliament and Council of Ministers before it becomes law, a process that most commentators expect to take at least two years. There’s a lot in the proposal so this post will just […]

Categories
Articles

ECJ on Copyright Injunctions

The European Court of Justice has set some limits for the sorts of measures that ISPs can be compelled to implement to discourage copyright breach by their networks. Back in 2004 the Belgian rightsholder representative SABAM sought a court order requiring an ISP, Scarlet, to install devices on its network that inspected the content of […]

Categories
Articles

Processing personal data for third party interests

An interesting reminder from the European Court of Justice (ECJ) that the Data Protection Directive (95/46/EC) is supposed to make processing and exchanging personal data easier as well as safer. The Directive contains a number of different reasons justifying processing of personal data (gathered together as Schedule 2 of the UK Data Protection Act 1998), […]

Categories
Articles

Website Blocking: Copyright

The latest judgment from the BT/Newzbin case sets out what BT will be required to do to prevent its users accessing the Newzbin2 website that an earlier case found to be breaching copyright. From next month, BT will be required to add the Newzbin URLs to the system it already uses to limit access to […]

Categories
Articles

Joint Committee Report on Draft Defamation Bill

The report of Parliament’s Joint Committee on the Draft Defamation Bill acknowledges the problems raised in our response to the consultation and proposes some novel solutions. As was noted by the Law Commission in 2002, current defamation law encourages Internet hosts to remove material provided by third parties as soon as they receive a complaint […]

Categories
Articles

Website Blocking: Alive or Dead?

Last year’s Digital Economy Act 2010 created a power (s.17) for a court to order a service provider to prevent access to a “location on the Internet” if that location was being used, or likely to be used, to infringe copyright. That power has not been brought into force and last January Ofcom were asked […]