Category: Uncategorized

What you don’t know about EU DATA PRIVACY law and why you need to know it today.

Outside a select group of specialists in IT law (and the even more limited and select group of data privacy law specialists), few company advisors or corporate legal departments truly understand how to be in perfect compliance with European Union data privacy regulations.

Yet nearly every company doing business in the EU has to comply.

If you’re reading this, you have probably been frustrated by the complexity of the requirements, provisions such as Safe Harbor, Model Contractual Clauses, whether to appoint a Data Privacy Officer, etc.

Some of that is about to change.  Basic compliance could soon be achieved by simply amending your company’s internal policy documents.

How? By adopting Binding Corporate Rules, aka “BCRs”.

BCRs are internal policies that any company controlling data can adopt and apply to its entire group, wherever it is doing business, and be compliant with EU Data Privacy regulations, once and for all.

Until now, BCRs were only an option for ‘controllers’ – but the European Commission’s Article 29 Working Party has adopted a document (WP195) on BCRs for data ‘processors’ (the vast majority of companies are processors, not controllers; if you have to ask, you’re most likely a processor).

Why do you need to know this today?

Because the rules the Working Party published are essentially the same as those already in effect for data controllers – meaning that you can start drafting your BCRs today and ready them for submission. As soon as we are clear that the currently non-binding document is acceptable to EU Member State data authorities, you’re good to go.

Given the pressure from the private sector to simplify data privacy compliance, I think that we’ll soon have a win-win here.

If you need more information or would like help working on your data privacy issues, click the feedback button (on the left).

 

US DOJ brings in FBI to investigate News Corp bribes to Scotland Yard.

FOXNews Headquarters

When details emerged last July that employees of News International (the press arm of News Corp) had possibly bribed 5 Scotland Yard police officers, the FCPA red alert must surely have sounded in News Corp’s legal department. Since then, News has brought in a number of heavy hitters to cover them, including immediately hiring Mark Mendelsohn from Paul Weiss Rifkind (a former deputy chief of the Fraud Section in the DOJ’s Criminal Division –  who helped devise the FCPA enforcement program) and the D.C. firm of Williams & Connolly, specialists in corporate compliance matters.

That the US DOJ has been working closely with UK investigators should come as no surprise to anyone following this matter and last month’s arrest of five alleged bribery scheme participants on criminal charges likely gave the signal to make public FBI involvement in the investigation.

Legal coverage for a necessarily international internal compliance investigation and evidence gathering (as well as putting together multiple defenses) will obviously generate considerable business for all the firms involved.

Since News earned over $30 billion last year, it can probably afford the attorney fees and any fines it will incur. However, facing criminal charges is a different ballgame and News would be remiss to not leverage its populist news media outlets to portray the investigation as politically motivated. Serving time in prison is an incredible motivator.

If you are interested in delving into the details of the UK Leveson Inquiry and its rogues gallery of hackers, hacked and outright despicable characters, the Guardian (which broke the story) does it very well.

Photo: Jim Henderson

US F.D.A. Approves Ivacaftor

Bravo to Vertex for bringing this to market. Molecules to address the genetic basis of a disease are incredibly expensive to develop and market.

Even though this only addresses one of the mutated genes (G551D) that cause Cystic Fibrosis, it brings hope. Respiratory illnesses are horribly painful and I hope that the relief this provides brings happiness to patients, their families and loved ones.

I’m sure that EMA approval is not far behind.

F.D.A. Approves Cystic Fibrosis Drug – NYTimes.com.

PIP founder arrested at home. Denies industrial silicone was harmful.

Jean-Claude Mas was reported arrested this morning at dawn according to France Info radio. He admits using unapproved for human use industrial grade silicone in his breast implants but claims that they caused no harm. One of the charges the investigative judge  is bringing against him is involuntary homicide–this was the basis of his detention this morning.

More to follow.

Guardian story in English:

http://bit.ly/zlhFWa

EU Telecoms Package Directive and Cookies: Some compliance tips.

The French Commission nationale de l’informatique et des libertés (CNIL) recently published some advice on how to implement the new requirement that web site users consent to the placement of cookies on their devices by sites they visit. According to the Directive, neither a warning in the site’s Terms of Service (ToS) or acceptance through browser settings are adequate compliance. So what does the CNIL recommend?

  • a banner at the top of a webpage (such as implemented on the website of the UK data protection commissioner: www.ico.gov.uk as well as the CNIL : www.cnil.fr);
  • a consent request zone constructed as an html overlay on the page;
  • a set of tick boxes presented during subscription to a online service.

In this lawyer’s opinion, the steps above will likely be too onerous for entities without a very clear EU-emphasis to implement and will grossly affect the usability of many sites. Moreover, are applications that use web APIs and never go through a browser are somehow exempt from the requirements? Personally, I’m chagrined by Internet technology-specific legislation that is so poorly thought through that it is outdated by the time its implementation begins. What’s a poor “data administrator” to do? 
http://www.cnil.fr/english/news-and-events/news/article/what-the-telecoms-package-changes-for-cookies/

Facing inquiries?

You have had a lot of success in the marketplace and you may in fact be the market leader. With success comes responsibility–the obligation to engage in fair competition and to respect your distributors.

Do you want to know the 5 secrets to how you can ensure competition law compliance and maintain friendly relations with the EU and local authorities?

Each week I will publish one vitally important piece of advice that you can immediately use in your enterprise, along with the possibility to contact me for further information if you need it. This week’s secret: Train your salesforce