Cedric Laurant

Archive for the ‘News’ Category

, , , , , , , , , , ,

Nueva “Guía de Privacidad para Hispanohablantes 2012″

In News, Spanish on 9 January, 2012 at 21:40

Cedric Laurant Consulting y Privacy International se complacen en presentar la Guía de Privacidad para Hispanohablantes 2012.

Este documento es una traducción del inglés al español de una selección de las partes más relevantes y más actuales de dos informes: la ultima edición de Privacy & Human Rights 2006 (Privacidad y Derechos Humanos 2006) y European Privacy and Human Rights 2010 (Privacidad y Derechos Humanos en Europa 2010).

Privacy & Human Rights es un informe anual publicado por el Electronic Privacy Information Center (EPIC) y Privacy International que proporciona una vista general de temas claves de privacidad y protección de datos y revisa el estado de la privacidad en más de 75 países alrededor del mundo. El informe resume las protecciones legales, nuevos desafíos, los asuntos y los acontecimientos importantes que relacionan a la protección de la intimidad y datos. Publicada anualmente desde 1998, esta investigación ha llegado a ser el análisis más completo sobre la intimidad global jamás antes publicado.

European Privacy and Human Rights 2010 es un proyecto realizado en el año 2010 por Privacy International, EPIC y el Centro de Medios de Comunicación y Ciencias de la Comunicación (CMCS) de la Central European University (CEU) de Budapest en Hungría, financiado por el Programa Especial “Derechos Fundamentales y Ciudadanía” de la Comisión Europea (2007-2013).

La Guía de Privacidad para Hispanohablantes 2012 incluye los capítulos siguientes:

  • Información general sobre privacidad (definición, facetas, modelos de protección, derecho a la privacidad, evolución de la protección de datos, supervisión y comisionados de privacidad y protección de datos, etc.)
  • Temas sobre privacidad (sistemas de identificación y cédulas de identidad, privacidad en el centro laboral, sitios de redes sociales y comunidades virtuales, vigilancia de las comunicaciones, autenticación y revelación de la identidad, registros públicos)
  • Privacidad y Derechos Humanos en Europa 2010 (hallazgos principales, investigación y análisis, criterios e indicadores, resultados y metodología)
  • Unión Europea
  • España
  • Anexo: fuentes sobre privacidad.

Guía de Privacidad para Hispanohablantes 2012 [pdf - 6,5 MB]

Guía de Privacidad para Hispanohablantes 2012

Guía de Privacidad para Hispanohablantes 2012

Share

, , , , , , , , , , ,

The New “Privacy Guide for Spanish Speakers 2012″ Is Out

In News on 9 January, 2012 at 21:37

Cedric Laurant Consulting and Privacy International (“PI”) are pleased to present the Privacy Guide for Spanish Speakers 2012 (Guía de Privacidad para Hispanohablantes 2012).

This report is made up of a translation into Spanish of the most current and relevant sections of the Privacy and Human Rights 2006 and European Privacy and Human Rights 2010 reports.

Privacy and Human Right is an annual report by Privacy International and the Electronic Privacy Information Center (EPIC) that reviews the state of privacy in over 75 countries around the world. It outlines legal protections for privacy, new challenges, and summarizes important issues and events relating to privacy and surveillance. The report provides an overview of key privacy topics and reviews the state of privacy in over 75 countries around the world. Published since 1998, this document has become the most comprehensive report on privacy and data protection ever published.

European Privacy and Human Rights 2010 was a project undertaken in 2010 by PI, EPIC and the Center for Media and Communications Studies of the Central European University. It was funded by the European Commission’s Special Programme “Fundamental Rights and Citizenship” 2007-2013. The report investigates the European landscape of national privacy and data protection laws and regulations in 33 countries in Europe, as well as any other laws or recent factual developments with and impact on privacy. The study consists of country reports, an overview presenting a comparative legal and policy analysis of main privacy topics and a privacy ranking for all the countries surveyed.

The Privacy Guide for Spanish Speakers 2012 (Guía de Privacidad para Hispanohablantes 2012) includes the following chapters:

  • Overview of privacy (definition, aspects, models of privacy protection, right to privacy, evolution of data protection, oversight and privacy and data protection commissioners, etc.)
  • Privacy topics (identification systems and identity cards, workplace privacy, social networking and virtual communities, surveillance of communications, authentication and identity disclosure, public records)
  • European Privacy and Human Rights 2010 (key findings, research and analysis, criteria and metrics, results and methodology)
  • European Union
  • Spain
  • Appendix: privacy resources

Privacy Guide for Spanish Speakers 2012 (Guía de Privacidad para Hispanohablantes 2012) [pdf - 6,5 MB]

Privacy Guide for Spanish Speakers 2012

Privacy Guide for Spanish Speakers 2012 (Guía de Privacidad para Hispanohablantes 2012)

Share

, , , , , , , , , , ,

Release of “European Privacy & Human Rights 2010″

In News on 31 January, 2011 at 01:28

On Data Protection Day, 28 January 2011, and after 10 months of efforts, we published the European Privacy & Human Rights 2010 report (“EPHR”), a collective work that investigates the European landscape of national privacy and data protection laws and regulations, as well as any other laws or recent developments that have had an impact on privacy, in particular over the last two years.  The research field encompasses jurisdictions of all 27 EU Member States, two EFTA countries (Norway and Switzerland), three EU accession candidate countries (Croatia, Macedonia and Turkey), and the EU itself as a jurisdiction.

The study presents an overview of European privacy and data protection laws and developments in 33 reports, each available in English and translated into the country’s official language. It is accompanied by a comparative legal and policy analysis of privacy topics, with its particular methodology, criteria and metrics and key findings, as well as a privacy ranking of all countries surveyed, a summary of country developments, and privacy resources.

Privacy ranking chart based upon "European Privacy & Human Rights 2010" (EPHR Project/Privacy International)

Privacy ranking based upon "European Privacy & Human Rights 2010" (EPHR Project/Privacy International)

The “EPHR 2010″ report is part of a broader project that comprises 3 action areas:

  1. action area 1: the report itself;
  2. action area 2: the dissemination of information and its publication on multiple online and offline platforms, and
  3. action area 3: the development of innovative awareness-raising campaigns.

The last two are yet to be finished over the next 6 months. The video above is one of the first outputs of “action area 2″.  You can find more information about the EPHR project from the presentation I gave last February 2010 in Barcelona, and about the video here.

Many people contributed to this report: first of all, my colleague Matteo Bonfanti, with whom I completed and edited all country reports; more than 90 privacy and data protection experts from 32 countries all over Europe: colleagues, academics, privacy advocates and lawyers; the research teams at Privacy International (Gus Hosein, Alexander Hanff and others , who built the comparative legal and policy analysis) and at the Center for Media and Communication Studies of the Central European University (my colleague Kristina Irion in particular, who also coordinates the whole EPHR project).  Last but not least, the European Commission’s Special Programme “Fundamental Rights and Citizenship (2007-2013)” funded most of this project, including the video.  Without their help, none of this would probably have seen the light of day.

The EPHR report builds upon the legacy of EPIC & Privacy International’s Privacy & Human Rights survey, to which more than 300 privacy experts from all over the world have participated over more than a decade, making this survey the world’s most comprehensive report on privacy and data protection ever published.

Share

, , , , , , , , ,

New Blog: “Information Security Breaches & The Law”

In News on 7 August, 2010 at 22:15

Last June, I have started with a colleague, Marie-Andrée Weiss, a blog dedicated specifically to the topic of information security breaches (“Information Security Breaches & The Law”) from both a legal and technical perspectives.

The blog, which is written in English and French, and later will also be in Spanish, will include opinions, comments on recent news, laws or other developments, research notes and conference reports in the area of information security breaches, mainly in the United States, Europe and Latin America.  It also features a “Security Breaches Library” that includes links to major recent reports and surveys, upcoming conferences, calls for papers and news, all on the same subject of information security breaches.

It should be of interest to company executives concerned with information security issues in their business, as well as to professionals practicing in the field of information security, privacy and data protection, along with the interested general public.

Below is an outline of the first blog posts:

  • Will France adopt a law requiring the notification of security breaches? (August 6, 2010): A French bill “to better guarantee the right to privacy in the digital age” has implemented the European Directive 2009/136/EC by requiring the data controller to inform the “Data Protection Correspondent” or the French data protection authority, of a breach of integrity or confidentiality. Those involved in the breach must also be informed, at least if security breaches are “likely to adversely affect” their personal data. The bill follows the recommendation of the Directive to notify individuals of security breaches for all sectors, not just electronic communications. It was adopted by the French Senate on March 24, 2010 and is currently before the National Assembly. (A French version of this article is also available here.)
  • Article 29 Data Protection Working Party reports on implementation of Data Retention Directive (July 19, 2010): The Article 29 Data Protection Working Party has adopted on July 13, 2010 a report on the EU Data Retention Directive (2006/24/EC). This report is the Working Party’s contribution to the evaluation of the implementation of the Data Retention Directive by the European Commission, which is due by September 15, 2010. The report details the results of a joint inquiry made by the data protection authorities about the compliance, at the national level, with the obligations of telecom providers and Internet service providers with both the Data Retention Directive and articles 6 and 9 of the EU e-Privacy Directive (2002/58/EC).
  • Are ‘clouds’ located outside the European Union unlawful? (July 16, 2010): A central aspect of every cloud service contract is the security of data processing. It is therefore important, if only for liability reasons, that responsibility for specific security measures be clearly assigned. This can be done by using security service level agreements between the cloud service provider and its client that clearly assign who is responsible for which particular security measure. Storing data in a cloud located outside the EU raises specific legal compliance issues. According to some experts, such clouds are even unlawful. There are, however, some ways to make sure that, even if a data controller stores data into a cloud located in a third country, he is still in compliance with German data protection law. A data exporter must use, in order to satisfy the adequate level of data protection requirement, specific standard contractual clauses for all contracts with a cloud service company located outside the EU. Binding corporate rules are the alternative solution, though only for private clouds.
  • The Safe Harbor Framework: not a “safe harbor” anymore for US companies? German expert body insists on stronger compliance stance (July 9, 2010): On April 29, 2010, the Düsseldorfer Kreis, an informal group of German data protection authorities, published a decision that could have significant repercussions on U.S. companies importing personal data from organizations operating in the European Union. One of these repercussions is that German organizations exporting personal data to the United States should check if the U.S. data importer does indeed comply with the Safe Harbor Framework. Security plan recommendations will provide for a useful guideline to E.U. data exporters to help them comply with the Safe Harbor’s Security Principle.
  • Canada May Soon Have a Data Breach Law (June 5, 2010): a bill called the “Safeguarding Canadian’s Personal Information Act” (C-29) that would amend Canada’s national privacy legislation. C-29 would introduce a security breach disclosure (also called “notification” in the United States) requirement in PIPEDA. Canada does not yet have such a law, contrary to the United States where the majority of states have enacted data breach notification statutes.

Share

Follow

Get every new post delivered to your Inbox.

Join 318 other followers