New Alternative Model Contract for the Transfer of Personal Data from the EEA

The EU Data Protection Directive has onerous restrictions regarding the transfer of personal data from the European Economic Area (EEA), such as to the U.S. One way to transfer personal data is through the use of EU approved model data transfer contracts. The EU has recently approved a new more ‘business friendly’ form of model contract which businesses should now consider when weighing up the different options for the transfer of personal data from the EEA.

 

View Alert

EmailShare

Stringent Canadian Privacy Law to Take Effect January 1, 2004

United States companies that conduct business in Canada, as well as most other organizations that collect, use or disclose personal information in the course of a commercial activity within Canada, may be subject to a new law providing expansive privacy protections for Canadian citizens. Effective January 1, 2004, such companies will have to comply with Canada’s Personal Information Protection and Electronic Documents Act. The Canadian Privacy Law deserves particular attention because it entails more extensive privacy requirements than are generally applicable under United States law.

View Alert

EmailShare

New Legal Requirements in Online Marketing

The online environment has led to an increased level of sophistication in marketing activities carried out by businesses. The technology exists for businesses to develop very accurate profiles of the interests and preferences of their users. This information can be exploited to identify potential customers of their products and services. Businesses can then target large numbers of consumers efficiently and cost-effectively in their marketing campaigns.

Read More

EmailShare

The UK’s Data Protection Act of 1998

On 23 September 1980, the Organisation for Economic Cooperation and Development (“OECD”) adopted a set of guidelines concerning data protection and transborder dataflows. Following on from those guidelines, the EU enacted the Convention for the Protection of Individuals With Regard to Automatic Processing of Personal Data (the “Convention”) in 1981. The UK, in response to the OECD guidelines and the Convention, introduced The Data Protection Act 1984 (the “1984 Act”) which concentrated mainly on Personal Data which were stored and processed ‘automatically’ (i.e. computerised Personal Data).

Read More

EmailShare

EU and UK Regulation of Transborder Data Flows

As markets become more global, data protection awareness and compliance in transborder data flows is becoming increasingly important. There are important issues for companies wishing to send personal data to countries outside the European Economic Area (EEA). This paper considers the restriction on transfer of personal data outside the EEA under Directive 95/46/EC1 (the Directive) and in particular the eighth principle under the UK’s Data Protection Act 1998 (the Act),which implements the Directive in the UK, and the ways in which compliance with it’s requirements may be achieved.

As markets become more global, data protection awareness and compliance in transborder data flows is becoming increasingly important. There are important issues for companies wishing to send personal data to countries outside the European Economic Area (EEA). This paper considers the restriction on transfer of personal data outside the EEA under Directive 95/46/EC1 (the Directive) and in particular the eighth principle under the UK’s Data Protection Act 1998 (the Act),which implements the Directive in the UK, and the ways in which compliance with it’s requirements may be achieved.

EmailShare

EU Data Protection Directive

On 23 September 1980, the Organisation for Economic Co-Operation and Development adopted a set of guidelines concerning data protection and transborder data flows. Following on from those guidelines, the EU enacted the Convention for the Protection of Individuals With Regard to Automatic Processing of Personal Data (the “Convention”) in 1981. Within the EU, Member States had divergent laws on data protection and the EU took the view that it would be better to harmonise the laws of all Member States so that people could look to one standard when conducting Processing activity within the EU. At least, that was one of the aspirations. In 1995, after years of discussion the European Data Protection Directive 95/46 EC (the “Directive”) was eventually adopted.

Read More

EmailShare
EmailShare
XSLT Plugin by BMI Calculator