Privacy Officers Network
01 November 2006
Roundtable on Russia, Portugal & Greece
The UK's Information Commissioner, Richard Thomas, is hosting this year's Privacy and Data Protection Commissioners' own Annual Conference, on November 2nd and 3rd in London. Privacy regulators are coming to London from all over the world. Therefore, Privacy Laws & Business is organising this EPON Roundtable on November 1st.
Andrey Vladimirovich Fedosenko, Leading Counsellor of the Russian State Duma's Committee on Constitutional Legislation and State Construction, principal author of the new law, who will explain the contents of the new law and will be travelling from Moscow specifically for our Roundtable. This new law is an innovation for Russia and Mr. Fedosenko tells me that both European Union and United States models have been taken into account.
Lana Haworth, London-based non-practising barrister and analyst of Russian law, will describe Russia's business law context into which the new data protection law fits.
Dr. Luis Silveira, President, Comissão Nacional de Protecção de Dados (Portuguese Data Protection Authority) will speak on:
- Overview of Portugal's data protection law and any differences in scope, interpretation or implementation of the European Union's Data Protection Directive from the lines adopted in other EU member states
- Notification system, exemptions, role of prior checking for some sensitive data, for example, credit, creditworthiness and financial solvency; the notification and prior checking process, and the time needed for it
- Employee monitoring, for example, e-mail, Internet, GPS, biometric checking, phone call recording; balance between rights of individuals and duties of employers; permits granted by law with conditions, for example, data cannot be used to monitor employees' performance
- International transfers of personal data outside the European Economic Area (EEA); the CNPD's attitude towards EU model contacts and Binding Corporate Rules (Portugal is not yet processing a BCR application as the lead authority); CNPD evaluation under EU Data Protection Directive Art. 26.2 (Potugal' Art. 20); specific permits for international transfers of personal data outside the EEA; unilateral declarations not recognised in Portuguese law; when are a data exporter's guarantees sufficient to protect the personal data? Attitude towards a single EU wide approval for Binding Corporate Rules? Possibility of change of Portuguese law to permit single EU wide approval of BCRs?
Christos Politis, a member of the Board, and Philippos Mitletton, Legal Auditor at Greece's Data Protection Authority will cover similar subjects to those on Portugal.