It was just 30 years ago today…

This February 2017 edition of the Privacy Laws & Business International Report is our 30th Anniversary edition. Yes, it was 30 years ago today, when PL&B started on its way!

We break new ground with an exclusive commentary (pp.10-13) and table by Professor Graham Greenleaf, our Asia-Pacific Editor, of 120 national data privacy laws (pp.14-23) and 31 national Bills (pp.24- 26). This marks a 10% increase in the number of laws from our last survey in February 2015.

By contrast, the survey in our first edition, which I launched in February 1987, listed 10 national data protection laws and 7 countries with draft laws. If you want to see the early 1987 – 2004 editions, they are freely available on the PL&B website (you must log in to read them).

How did my work in information law begin? I am often asked this question. The answer lies with Open Government: Lessons from America based on my research visit to the US and Canada in 1976 and published in May 1980. It is has now been made freely available for the first time on the Internet to mark this 30th Anniversary thanks to Graham Greenleaf and Philip Chung, Executive Director, the World Legal Information Institute - WorldLII.

We have mapped the development of data protection laws worldwide continuously since February 1987. Laura Linkomies, Editor, must share the recognition for our work together, as this year marks her 20th Anniversary with PL&B. We cover not only the laws and proposed laws but also significant court decisions, for example, by the Court of Justice of the European Union (p.32) and by Japan’s Supreme Court (p.28), and their impact on companies. Managers and lawyers want to know about the content of the laws and regulations and how to implement them in a cost-efficient way, including any grey areas needing analysis and interpretation.
My hard working colleagues and I in the Privacy Laws & Business team ensure that we keep closely attuned to our clients’ information needs by attending conferences (pp.1, 3-5 and 27-28) and organising events where we meet our clients, correspondents and other contacts from around the world. All PL&B events offer Solicitors Regulation Authority’s (SRA’s) Continuing Professional Development (CPD) points – for example:

  • 7 SRA hours at a new event, The GDPR and Retailing: Consent, profiling and disruptive technologies PL&B’s one day conference hosted by law firm, DWF, in London on 4 May.
  • 18 CPD hours at Promoting Privacy with Innovation, our 30th Anniversary International Conference in Cambridge, 3-5 July, at St. John’s College, Cambridge. A list of 35 confirmed speakers from 11 countries is available. At this conference, Graham Greenleaf will provide a session on global data privacy law trends; and a half day parallel session on data privacy law developments in 6 Asian countries.

Precisely in tune with this conference title, Àngels Barbarà i Fondevila, the Director of the Catalan Data Protection Authority, informed me yesterday that she has launched a Data Protection by Design Award. This is a competition with financial awards for the winners. “The awards will showcase applications or systems that improve the implementation of security measures, facilitate compliance with legal obligations in the field of data protection, strengthen people’s control over their own information and, in general, make the management of privacy easier.” Applications may be sent by 15 March from any country in Catalan, Spanish, English or French.

Data Protection Officers (DPOs) everywhere will be delighted to learn that the national Data Protection Authorities in the European Economic Area have agreed that that DPOs are not personally responsible for non-compliance with the GDPR (p.5). This will make the job of DPO more attractive for people considering this role and easier for companies to attract new DPOs.  Privacy Laws & Business can help you with our specialist Recruitment Service.  

We are celebrating PL&B’s 30th Anniversary with a free presentation to launch the Data Protection Top 10 free publication. This event is at law firm Bristows in cooperation with Privacy Laws & Business, in London next Wednesday 22 February.

Come and join the celebrations of our 30th Anniversary while we look to the future by preparing more events in the second half of the year.


Stewart Dresner, Publisher

International Report 145

Lead story:

EU DP Regulation now faces the challenge of consistency

Nearly half way between the adoption of the EU Data Protection Regulation and May 2018 when it applies, concerns include national variations and international data transfers.  Laura Linkomies reports.

Contents also include:

  • Comment: More laws, more awareness
  • Is an e-Privacy Regulation needed?
  • IP addresses and personal data: Did CJEU ask the right questions?
  • President Trump repudiates agreement with EU on PNR data
  • Indonesia enacts data law
  • US cybersecurity standards
  • EU DPAs issue GDPR guidance
  • EU starts consultation on restrictions to flow of data
  • Argentina adopts regulations and issues draft Bill
  • Spain, UK and Finland issue GDPR guidance
  • Japan’s Supreme Court rules on delisting of search results
  • UK, Germany and Czech Republic ask to join Privacy Shield case
  • Netherlands Senate to debate draft GDPR bill
  • Germany publishes draft law for the GDPR
  • 120 national data privacy laws now include Indonesia and Turkey
  • Global table of DP laws
  • Global table of data privacy Bills for new Acts