New Report Finds Much Room For Improvement in EU Data Protection Law

Posted on May 27, 2009 by Jeremy Mittman

On May 12, 2009, the UK Information Commissioner's Office (ICO) released a much anticipated report authored by the RAND Corporation assessing the strengths and weaknesses of the 1995 EU Data Protection Directive (95/46/EC) (the "Directive), the main source of privacy legislation in Europe. While the report highlighted a number of the Directive's positive attributes, it nonetheless concluded that as society becomes more globally networked, "the Directive as it stands will not suffice in the long term."

Specifically, the report found fault with the current practice of notification of data processing under the Directive. Each EU Member State has its own system of notification procedures, resulting in high costs for organizations who may need to notify several EU jurisdictions. The report did not mince words, finding that the hodge-podge of notification procedures "can have a crippling impact on the effectiveness of the [notification] obligation, as obligations which are perceived as excessive, unnecessary or ineffective are more likely to be ignored in practice."

The Report also criticized one of the most well-known features of the Directive, the international transfer obligation of data controllers. Under the Directive, an organization may only transfer personal data outside the EU if the recipient entity is located in a jurisdiction that ensures "an adequate level of protection" or if the organization adopts a transfer mechanism such as the Safe Harbor self-certification program, model (standard) contractual clauses, or Binding Corporate Rules. The Report observed that stakeholders were of the opinion that "distinguishing between countries inside and outside the EU was unnecessary and counter-productive in the modern world. For multi-national organisations operating across boundaries but applying the same high standards of data protection across all geographical divisions, this mechanism made no sense and was seen as contrary to harmonisation and global trade." The report also found that the enforcement of the various EU member states' data protection authorities was inconsistent.

While the Report outlined a number of criticisms, it was not completely negative. The Report noted that the Directive's "principles-based" framework fostered flexibility and that the legislation had served to improve awareness of privacy concerns, and that it was "technology" neutral. These positive attributes aside, the report is nonetheless a frank assessment of the Directive and should serve as an impartial catalyst for updating the Directive to make it consistent with current practices and modern expectations.
Tags: , , , , , , , ,

International Privacy Issues and More Addressed in New International Practice Guide

Posted on October 3, 2007 by Proskauer Rose LLP

Proskauer Rose LLP has just released "Proskauer on International Litigation and Arbitration: Managing, Resolving, and Avoiding Cross-Border Business and Regulatory Disputes." The online guide is a practical reference work for businesses and practitioners; it explores best practices and creative yet practical approaches to manage, resolve, and avoid controversies affecting multiple jurisdictions. 

The 28-chapter guide is available free in e-Book format at www.proskauerguide.com. It includes a thorough chapter on international privacy law.

Drawing on the firm's long and extraordinary history in international practice, "Proskauer on International Litigation and Arbitration" is written by the firm's lawyers on the most timely and important topics in international practice, from drafting international agreements to securing/avoiding jurisdiction to judgment enforcement/avoidance, from multi-jurisdictional regulatory proceedings or investigations to protecting witnesses, documents, privacy, and privileges, as well as several additional substantive areas.

"Despite the fact that the explosion in international business and regulatory disputes presents unique challenges, there does not exist for the client or practitioner any comprehensive treatment of the issues arising in international or cross-border litigations, arbitrations, and regulatory investigations or proceedings. We are filling that gap by providing this essential reference guide", said Louis M. Solomon, Co-Chair of Proskauer's Litigation Department and Editor-in-Chief of the Guide. "'Proskauer on International Litigation and Arbitration' would be an extraordinary achievement even if it were limited to being a compendium of the current law in this dynamic and rapidly expanding area. But my colleagues in the Proskauer Litigation Department and International Practice Group have done so much more, producing a resolutely practical guide, emphasizing the concrete and strategic over the theoretical, the lore as well as the law, and the unique opportunities and challenges presented by international litigation and regulatory proceedings."
Tags: , , , , ,