Following on from the a ruling by the ECHR at the end of last year regarding the retention of DNA data on criminal suspects, the Court of Appeal has in the last week made its judgment in relation to retention by the police of photos (loosely) collected in connection with an arms trade protest.

In both cases it was Article 8 of the ECHR (interference with the right to respect for private life) which was the focus and in both cases the rights of the individual were upheld. But where, Datonomy asks, is the discussion around obligations on data retention which are enshrined in the Data Protection Act in all of this?

Following the former ECHR judgment there was outrage from privacy groups at the UK Government's apparent disregard of its recommendations as the Government proposed new plans for retention of DNA data which still proposed … Continue Reading ››
Via Nikos Prentoulis comes this link to a piece in Wired that gives us a glimpse into the track record of Obama Supreme Court nominee Sonia Sotomayor. In Specht and others v Netscape Sotomayer was on of the three presiding Circuit Court judges. In this case the plaintffs sued a provider of computer software programs and its corporate parent, alleging that a “plug-in” software program, created in order to facilitate internet use and made available for free downloading, invaded the plaintiffs’ privacy by clandestinely transmitting personal information to the software provider when the plaintiffs employed the plug-in program to browse the internet. As Wired reports,
"In 2002, Sotomayor wrote a decision nullifying Netscape’s online click-wrap agreement, which demanded binding arbitration of disputes between Netscape and its customers. The “free download” button for Netscape’s browser software was … Continue Reading ››
Data protection in the context of the National Health Service (NHS) in the United Kingdom has been in the spotlight this week.
eWeek Europe reports today that the NHS has received a written warning from the Information Commissioner over a spate of recent data breaches concerning patients' records. This warning letter will be backed up by spot-checks on hospitals to ascertain the state of compliance [note: there is no general power to enter premises in order to conduct spot-checks in the absence of a warrent under sch.9 of the Data Protection Act 1998. It is however understood that public sector bodies will not resist such a request, and the Coroners and Justice Bill 2009, noted by Datonomy here, contained proposals to extend the ICO's rights of access].

An earlier report in The Guardian indicates that NHS patients will not be … Continue Reading ››
"Stolen RAF vice files spark blackmail fear" was the heading of the report in The Guardian on the theft of sensitive files detailing the extramarital affairs, drug-taking and use of prostitutes by very senior officers in the United Kingdom's Royal Air Force -- a theft which, the Ministry of Defence fears, will expose up to 500 senior RAF personnel to blackmail.

Right: The RAF -- cute rondel, but security requires a key

Three computer hard drives, holding the unencrypted personal information, went missing from RAF Innsworth, Gloucestershire, in September of last year. A fortnight after the theft, the RAF said they contained "only" the bank details and home addresses of 50,000 servicemen and women. Neither the then Information Commissioner Sir Richard Thomas nor Parliament itself were notified of the true position, outlined in an internal Ministry of Defence memo which was … Continue Reading ››
This branch of Datonomy is still struggling with the Rand Review of the European Data Protection Directive. However, we can note immediately the position it takes on Technology. One of the strengths of the Directive, the Review claims, is that it is neutral in relation to Technology. The Information Commissioner, in his commentary on the Review, while agreeing that this is strength, also says that a weakness of the Directive is that it is outdated in relation to contemporary technology. Can something which is neutral become outdated? Should we be looking for state of the art neutrality in a new Directive?

Of course, it has always been claimed that the Directive is neutral in relation to Technology. If you look at the key Article 2 of the Directive, though, it doesn’t seem to have much to do with technology at all, which I suppose is a form of neutrality. … Continue Reading ››
Above: some forms of Street View are more popular than others, it seems

Press reports indicate that Google faces penalties if it fails to amend its Street View service so as to comply with German law. Johannes Caspar, head of the data protection agency in Hamburg, listed 12 areas in which he claimed that Street View was in breach of domestic German privacy law. Most of these breaches related to the photography of people or their property without consent and to the handling of recorded data.

Dietmar Mueller, on behalf of the German Federal Commissioner for Data Protection and Freedom of Information, Bonn, said the agency in Hamburg was able to issue fines of over 100,000 euros and that, additionally, individuals could take Google to court for breaches of … Continue Reading ››
"Too important to be left to data protection specialists talking to each other": that was the verdict of the Information Commissioner Richard Thomas on future reform of data protection legislation, as he announced publication this week of a major report on the strengths and weaknesses of the ageing Directive 95/46/EC.

The 100 page review was produced by research organisation RAND Europe on behalf of the Information Commissioner's Office, to inform and stimulate debate about future reform of the legislation to make it fit for the globalised, networked world of the 21st Century.

It will not surprise Datonomy readers to know that the following bugbears feature among the weaknesses identified in the report:
the concept of "personal data" and its relationship to real privacy risks;
rules and mechanisms for international data transfers; and
the processor/ controller distinction.

Datonomy will be lugging the 100 page tome home … Continue Reading ››