PL&B International E-news, Issue 43

1. Ireland’s Minister for Justice, Equality and Law Reform drafts new Privacy Bill

Ireland’s Minister for Justice, Equality and Law Reform, Michael McDowell, is currently drafting the core elements of a new Privacy Bill.

Following a meeting this April, Ministers agreed to proceed with his proposed Defamation Bill and a report on privacy drafted by senior counsel Brian Murray.

Rather than granting citizens new rights, the legislation will more clearly illustrate rights currently available under the Constitution and the European Convention on Human Rights.

Under the Bill, a press council would be set up under law but independently appointed. It would monitor the conduct of media organisations and impose penalties for misconduct.

The press would be granted a defence from libel actions provided they published information in the public interest.

Source: The Irish Times

2. First Spam decision in Latin America

On April 7, 2006, a federal judge in Buenos Aires, Argentina, issued the first decision in a spam case, under the new data protection law.

In their complaint the plaintiffs argued that section 27 of the 2000 Argentine Data Protection Law gave them a right to opt out, which the spammer had not complied with.

Last month the judge issued the final decision, ordering the defendants to stop any processing of personal data of the plaintiffs and to delete their personal information.

Spam is starting to be regulated in Latin America. Recently, bills were introduced in Congress in Brazil, Argentina and Chile.

Report by Pablo Palazzi. A longer report will be published in the April/May edition of the International newsletter, due for publication next week.

3. Agencies are not protecting citizens’ security rights, says the US Government Accountability Office

The Government Accountability Office (GAO) in the US published an 83-page report this April, which claimed that Government agencies that use private information for law enforcement, counter terrorism and other investigations, often do not follow federal rules to protect the privacy of citizens.

The Justice Department, the Department of Homeland Security, and two other agencies examined by the GAO spent about $30 million last year on companies that maintain electronic files about adults’ current and past addresses, buying habits, phone numbers, etc. But often the agencies do not limit the collection and use of information about law-abiding citizens, as required by the Privacy Act of 1974. Not do they ensure the accuracy of the information they are buying, says the report.

Source: The Washington Post

4. European Data Protection Supervisor presents second annual report

The European Data Protection Supervisor (EDPS) said, on April 19, that it will be monitoring the growing pressure on database controllers to allow access to law enforcement authorities. In its second annual report, the agency listed several key priorities for 2006, including the issuance of guidelines on processing of personal data related to the use of electronic communications networks, and on personal data transfers to third countries, international organizations, and European bodies outside the scope of the data protection directive.

By Dugie Standeford

5. Singapore government set to produce recommendations as to efficacy of sectoral privacy laws

A government committee in Singapore is studying how well Singapore laws protect the privacy of personal information. It aims to produce its recommendations by the middle of this year.

Members of the panel visited Australia and Canada earlier this year, in order to see the impact of their data protection models on the economy and various organisations.
Although around 100 different laws already exist in Singapore to provide some form of privacy protection, and there are strict provisions in sectoral laws, such as the Banking Act and codes for medical professionals, a wider perspective on data protection is needed.

Source: The Straits Times

6. South Korea tests ways to stop Internet crime

A man was arrested in South Korea in early April for selling identity numbers and other personal data on the Internet. Police discovered that he was leading a 12-person ring that was selling compact disks that contained the personal data of as many as 7.7 million people.

The government has since decided that it can no longer delay the planned overhaul of the country’s online identification system.

Most South Korean websites require members to register by presenting their name and 13-digit identity number, which is issued to every South Korean at birth.

“The government is introducing alternative systems that have a stronger identification power, protect privacy and help prevent the illegal use of IDs even if they are leaked,” said Park Tai Hee of the Ministry of Information and Communication.

However, many site operations fear that the methods being tested may stifle Internet growth.

Source: International Herald Tribune

7. Bahamas expects EU adequacy declaration when DP law comes into effect

The Bahamas Government has still not brought into effect Data Protection legislation which was passed over two years ago, because it has yet to appoint a Data Protection Commissioner.

The delay in the introduction in the legislation is particularly embarrassing following the theft of customer data from an up-market hotel in January. The 2,000-roomed Atlantis Resort on Paradise Island reported the loss of credit card and bank account numbers of around 55,000 guests after a database break-in.

It was expected that once the Data Protection Act came into effect, it would quickly be accorded adequacy status by the European Commission.

By Kevin Broadfoot. A longer report will be published in the April/May edition of the International newsletter

For further details on the Privacy Laws & Business International Newsletter, please click here.

Copyright Privacy Laws & Business 2006