EU – US Data Transfer/Safe Harbor Talks, German IT Security and More: Data Privacy Alert for 27 July 2015
EU – US Data Transfer/Safe Harbor Talks Inch Closer to Deal On 23 July 2015, high level talks recommenced between Vera Jourová and Penny Pritzer with the intention of strengthening the Trans-Atlantic data transfer agreement and resolving the remaining disputes in relation to the agreement. The two officials continue to disagree on the issue of whether US authorities should be able to access personal data for national security purposes.
Following the talks, the EU justice chief Vera Jourová commented that she is aiming for a finalization of discussions in the coming weeks.
Bundestag Adopts Draft Law on IT Security
The Bundestag, the German Federal Parliament, has recently adopted controversial draft law on IT security. The draft aims to improve IT security in companies and public bodies, especially in the field of critical infrastructure, thus stipulating minimum security standards and reporting obligations for operators and providers of communication systems. The Federal Office for Information Security (BSI) has been given a fundamental role and fines of 100,000 euros for non-compliance will be enforced.
The draft has previously been criticized by German privacy watchdogs and consumer organizations who suggest that it does not protect data adequately.
German Privacy Commissioner Presents Activity Report for 2013 and 2014
Last month, the German Privacy Commissioner, Andrea Voßhoff, presented the 25th activity report on data protection to the German Parliament. Voßhoff called for more resources to be dedicated to her administration and for the administration to be provided with the opportunity to present activity reports to the parliamentary plenum in the future. In relation to the Cookie Directive, Voßhoff called for the legislator to implement the consent solution clearly in the German Telemedia Act.
Federal Government Provides Draft on WLAN Liability to EU Commission
The German Federal Government has recently presented its controversial draft to the EU Commission concerning WLAN providers’ liability in respect of disturbances. The draft has undergone minor revision after strong criticism from public authorities as well as commercial and private providers. The draft now stipulates that WLAN providers shall not be principally responsible for infringements by WLAN users and that any liability as a result of disturbances should be avoided through reasonable protective measures.
Federal Privacy Authorities Examine Social Networks and Dating Portals
In a press release, the privacy officer of Baden-Württemberg announced that several federal states, notably Hamburg, Bavaria and Baden-Württemberg, are in the process of randomly examining social networks and dating portals in order to ensure that they are compliant with German data privacy laws. Numerous companies registered in these states have received comprehensive questionnaires on how they manage personal user data. The companies are expected to these requests by the end of July.
Tier 1 Applicants Required to Provide Criminal Record Certificates
The government has introduced a new requirement for Tier 1 entry clearance applicants to provide criminal record certificates. From 1 September 2015, investors and entrepreneurs applying for entry to the UK will need to supply certificates from any country they have lived in for 12 months or more in the 10 years prior.
Hackers Leak Data Stolen from Infidelity Website
On 20 July, hackers stole data from Ashley Madison, an infidelity website, and are threatening to make personal details of subscribers publicly available. Ashley Madison has been attempting to keep the stolen data off the web through the use of legislation such as the Digital Millennium Copyright Act (DMCA).
UK Government Announces FOIA Review
The UK Government announced this week the setting up of a five person commission to consider whether the Freedom of Information Act 2000 is too expensive and overly intrusive. Cabinet Office Minister, Matthew Hancock, stated that the Commission would “consider whether there is an appropriate public interest balance between transparency, accountability and the need for sensitive information to have robust protection”. The Information Commission has stated he believes the FOIA to be fit for purpose.