So, 2017 is full of promises! One of them is the proposed ePrivacy Regulation (officially, ‘Regulation on Privacy and Electronic Communications’) that the European Commission (EC) has suggested should replace the existing, old fashioned ePrivacy Directive (Directive 2002/58/EC on Privacy and Electronic Communications). The proposed ePrivacy Regulation – which would represent a signficant evolution in … Continue reading
Tag Archives: metadata
anonymisation / big data / Data protection / General Data Protection Regulation / Internet intermediaries / metadata / pseudonymisation / Risk-based approach / Surveillance
Mind the Caveats – CJEU Advocate General opines that Dynamic IP Addresses can be Personal Data … (sometimes)
“I am not a number …” – but to what extent does EU data protection law deem that I am identifiable from one if someone somewhere could link it back to me at a single point in time? The Court of Justice of the EU (CJEU) has been hearing arguments in a case involving the … Continue reading
anonymisation / big data / Data protection / General Data Protection Regulation / Geo-location data / Personal data / Privacy / Privacy impact assessment / pseudonymisation
Location Data and Making Sense of the Goldilocks Paradox of Legal Anonymisation (too much, too little or just right…?)
Collect, delete, repeat …. From ‘Where I am’ to ‘Who I am’, and back again? To pick up the thread from my previous posts on the topic of location data here and here, this final piece in the set returns to the first theme I discussed. This relates to the legal debate over when location … Continue reading
ICO issues guidance on when and how to remove personal data “safely” from disclosable information to avoid breaching data protection rules
To be identifiable or not to be identifiable – to what extent do our identities merit concealment through law in light of the capabilities of modern technologies? The UK Information Commissioner’s Office (ICO) has recently published guidance on what to do when handling requests for information in respect of which personal data must first be … Continue reading
Access request for network data granted! A few thoughts on the decision of the Australian Privacy Commissioner in Ben Grubb and Telstra (1 May 2015)
Ben Grubb and Telstra Corporation Limited [2015] AICmr 35 is a fascinating decision – issued on 1 May 2015 by Timothy Pilgrim, the Australian Privacy Commissioner – especially in the light of our recent posts, such as this one concerning Internet Service Providers (ISPs) and their roles as mere conduits and/or data controllers, or that … Continue reading
On surveillance, safe harbour and Schrems…Are we that stuck?
Readers of this blog will almost certainly be aware that the European Union (EU) was the first regional organisation on the international stage to adopt a comprehensive, and relatively stringent, data protection regime. Yet, as the Internet is a global communications infrastructure, the EU has had to find ways to dialogue with non-EU (‘third’) countries … Continue reading
Two Parliamentary reports give unique insight into the operations of the UK intelligence services, while advocating for overhaul of “piecemeal and “unnecessarily complicated” surveillance rules
Call for more transparency in UK surveillance legal regime accompanied by revelations regarding the existence of ‘bulk personal datasets’ Two important reports were presented to Parliament in March. They represent a landmark in terms of the level of transparency they provide surrounding the activities of the UK intelligence and security agencies. The reports are: The … Continue reading
Counter-Terrorism and Security Act 2015 receives UK Royal Assent
Confirmed (albeit temporary) expansion in data retention powers to add new cyber-clue pieces to identity-profile ‘jigsaws’ The Counter-Terrorism and Security Act 2015 was enacted on 12 February 2015, following agreement by both Houses of Parliament on the text of the Bill (discussed on this blog here and here). The Act contains a number of tough … Continue reading
Competition authority probes commercial usage of consumer data
Competition Law and Privacy Protection – A Regulatory Match Made in Heaven for Online Data Issues? There have been recent headlines touting privacy as the new competition law, with one US commentator opining that “the role that antitrust played in the wake of the Industrial Revolution is being captured by privacy in the Digital Age”. … Continue reading
Access to data / content data / Data protection / interception / Internet intermediaries / Law enforcement / metadata / Privacy
What if Commissioners could be heard by the right people? Why DRIPA is getting muddier and muddier…
Just before Christmas, the UK Interception of Communications Commissioner’s Office (IOCCO) published online its submission for the Investigatory Powers Review. It is a 51 p. document full of interesting things. The purpose of this post is to highlight the main points made by the IOCCO with a view to clarifying the debate as regards the … Continue reading