EU
eCall in All New Cars from April 2018
The European parliament has voted in favour of regulation that will make eCall tracking devices compulsory from 31 March 2018 and fitted as standard into every model of car and small van. The devices will automatically alert the emergency services in the event of an accident, and communicate a vehicle’s exact location, the time of an incident and the direction of travel. The eCall proposals have previously been delayed by privacy concerns. The European Commission has said that information will only leave the car in the event of a severe accident and will not be stored longer than necessary.
eCall details
Germany
German Federal Privacy Commissioner Criticizes Draft Amendment to EU Payment Service Directive
The German Federal Privacy Commissioner, Andrea Voßhoff, has expressed concern over the draft amendment to the EU Payment Service Directive because it would allow payment service providers insight into the sensitive financial data of customers. Voßhoff also criticized the draft for requiring customers to transmit their person security features like their PIN and TAN to payment service providers.
The German Federal Privacy Commissioner press release
Privacy Authority Releases Report on Smart TVs
The Bavarian Data Privacy Authority (BayLDA) has tested smart TVs from 13 manufacturers, covering about 90 percent of the German market, for their retrieval of users’ personal data. In its report, BayLDA makes clear that the aim of the study was not to certify particular companies, but to explore general patterns of data processing by smart TVs in order to prepare future legal assessments. BayLDA’s main finding was that manufacturers and suppliers of smart TVs should guarantee the anonymity of users’ data in compliance with the German Tele Media Act.
The BayLDA report
Digital Agenda Committee View Privacy Regulations as a Competitive Advantage
At the Digital Agenda Committee of the German Bundestag last month, the majority of participants held that a high and uniform level of data protection throughout Europe can be an advantage in international competition for small and medium sized enterprises and start-ups. The predominant view was that data protection is not an obstacle to Big Data and that “anonymisation” and “pseudonymisation” of data must be improved accordingly. A representative from the Board of German Startups, however, said that customers do not necessarily see data protection as an advantage, but rather opt for products with the best features. Along with other industry representatives, he criticized the bureaucratic burden of data protection and called for relief for startups.
Minister of Justice Presents Guidelines on Introduction of
Data Retention
The Federal Minister of Justice, Heiko Maas, last week presented Guidelines for the introduction of a storage requirement and maximum retention period for traffic data. These guidelines outline plans to require providers of telecommunication services to retain telephone numbers, location data and IP addresses for four to ten weeks. Emails, however, will be exempt. Once the retention period has expired, the data shall be deleted. Creating personality and movement profiles will be forbidden. Maas maintained that the guidelines respect the standards set by the European Court of Justice and the German Federal Constitutional Court. The German Federal Privacy Officer, Andrea Voßhoff, however, expressed doubts about this.
Guidelines on Introduction of Data Retention
Privacy Authorities and Business Representatives Present Framework for Cloud Computing
In the course of a pilot project by the Federal Ministry of Economics and Energy, German privacy authorities and business representatives have for the first time developed a legal framework for data privacy certificates in cloud computing. The framework is based on the technical standard ISO/IEC 27018. Its aim is to pave the way for simple and safe cloud computing. The Ministry announced that the framework will eventually be developed and adapted to basic EU regulation on data protection.
The German Federal Ministry for Economy and Energy
UK
IPSA Loses Appeal to Prevent Release of MPs’
Expenses Claims
The Court of Appeal has found that the Independent Parliamentary Standards Authority acted in breach of the Freedom of Information Act 2000 s.1(1) by refusing to provide copies of documents requested by a journalist for the purpose of assessing the genuineness of MPs’ claims for expenses. The documents in question are the original invoices submitted by MPs to claim expenses. Transcripts of these invoices have already been released, but the originals contain handwriting, annotations and other details such as logos and letterheads which the court held was information.
Court of Appeal decision
ICO Publishes Summary of Feedback to Its Big Data Report
The ICO has published a summary of the feedback it received to its Big Data report of July 2014, highlighting some of the themes that have emerged. These include the importance of assessing and differentiating between levels of impact on individuals; the need for regulatory focus on how on how data is used, rather than on how it is collected, and the need to develop further practical measures to ensure data is stored securely. The ICO intends to re-issue the Big Data report this summer.
The ICO’s Summary of Feedback on its Big Data Report