PL&B International E-news, Issue 82

1. Yahoo fined by Belgian court for refusing to disclose personal data

On 3 March a Belgian court fined Yahoo 55,000 Euros for refusing to disclose information about users for use in a fraud investigation. Yahoo will continue to be fined 10,000 Euros per day until the search engine company complies with the order. The prosecutor investigating an alleged fraud by people using pseudonyms in Yahoo email addresses ordered Yahoo to provide their true identities. Yahoo refused on the ground that it is a US-based company and that such information should be requested through US authorities.

2. EU Art. 29 DP WP publishes decision on data controller to data processor standard contractual clauses for international transfers

Yesterday, the Article 29 Working Party announced that it had adopted an Opinion on 5th March on the Commission’s draft Decision on standard contractual clauses for the transfer of personal data to processors in third countries. Subject to several recommendations, the Working Party (the national Data Protection Authorities) gave a favourable opinion on the Commission’s draft decision, and invited the Article 31 Committee (the Member States) to continue its work with a view to adopting the Commission’s Draft Decision.

The recommendations included:

  1. Recitals in the Decision providing for authorised international transfers outside the European Union/European Economic Area
  2. Allowing sub-processors to stipulate agreements when sensitive data such as biometric, genetic, judicial, or financial data are exported
  3. Organisational solutions for data subjects’ rights, such as a single corporate contact point
  4. Auditing and inspections
  5. Governing law to be the law of the exporting state
  6. Transitional provisions for old contractual clauses.

An analysis of the Opinion will appear in the April issue of PL&B International Newsletter.

3. European Court of Justice orders disclosure of safety experts’ meeting’s sound recording, comments and drafts

There is no privacy for experts advising on dangerous substances, says the European Court of Justice (Borax v. Commission, Cases T-121/05, T-166/05) in a decision last week.

On 11 March the European Court of Justice ordered the EU Commission to hand over to Borax, a chemicals company, the sound recording, transcript, draft reports, and sixteen comments from a meeting of independent experts who advised that Borax products should be labelled as hazardous to fertility and the unborn. The Court rejected the Commission arguments that identifying the experts would violate their privacy and that disclosing the verbatim records would damage the decision-making process.

The decision is the latest in a series of rulings by the Court (PL&B International Newsletter, February 2009 p.24) holding that:

  • lobbyists meeting with the Commission must be identified
  • legal advice regarding EU legislation must be revealed, and
  • minutes of advisory meetings must be disclosed.

A full analysis will appear in the April issue of PL&B International Newsletter.

4. Switzerland to disclose client details in tax evasion cases

On 13 March the Swiss government announced that it will cooperate with other countries by providing information about clients in cases where there is “compelling evidence of tax evasion” (see PL&B International Newsletter February 2009 p.1). The Swiss President and Finance Minister, Hans-Rudolf Merz, also announced that Switzerland will adopt the standards set by the Organization for Economic Cooperation and Development for international co-operation regarding tax evasion.

5. US Federal Communications Commission to fine 650+ telecoms companies for lax data security

On 24 February, the US Federal Communications Commission (FCC) announced that it was proposing fines totalling more than $13 million on small telecommunications companies for not protecting customers’ personal data. The Federal Communications Commission proposed $20,000 fines on more than 650 small phone, pager and wireless providers for not filing paperwork that certifies they have put protections in place to protect customer phone data.

Click here for further information about subscribing to the international newsletter.

Copyright Privacy Laws & Business 2009