LPP

October 29th, 2010 by James Goudie QC

Legal professional privilege (“LPP”) as an exemption from disclosure under Section 42 of the Freedom of Information Act 2000 (“FoIA”) and Regulation 12 of the Environmental Information Regulations 2004 arose again in West v Information Commissioner, EA/2010/0120.  Bexley Council had transferred a major part of its Council housing stock to a Housing Association.  Mr West is a member of a leaseholders’ group that objected to having to pay service charges for the cost of the maintenance of roads and footpaths within the housing estates.  They said that remained the responsibility of the Council.  They sought to challenge the lawfulness of the stock transfer agreement.  The Council took advice from Counsel.  Mr West sought a copy of Counsel’s Opinion.  The Council refused to provide it, relying on LPP.  The Information Commissioner upheld the Council’s refusal.  The Tribunal dismissed Mr West’s appeal.  Not only might “legal advice privilege” apply.  So too might “litigation privilege”.  Mr West had threatened to bring a case before the Leasehold Valuation Tribunal and/or judicial review proceedings.  The real issue was the Public Interest Test.  The Tribunal duly identified the public interest factors in maintaining the exception, referring to DBERR v O’Brien [2009] EWHC 164, and the public interest factors in disclosure.  Weighing up and balancing the competing public interests, and bearing in mind the presumption in favour of disclosure, the Tribunal (Judge Shanks presiding) agreed with the Commissioner that the public interest in maintaining the LLP exception outweighed the public interest in disclosure.

James Goudie QC

Tags:
Posted in Uncategorized | Comments Off on LPP

DRAFT DATA SHARING CODE OF PRACTICE

October 11th, 2010 by Rachel Kamm

The Information Commissioner is currently consulting on a draft Data Sharing Code of Practice. Subject to consultation and obtaining the Secretary of State’s approval, this will be a statutory code of practice issued under sections 52A and 52D of the Data Protection Act 1998 which can be used as evidence in any legal proceedings. The draft code is relatively short  (less than 40 pages) and does not include as much practical detail as perhaps might have been expected. It is available on the Information Commissioner’s website (ww.ico.gov.uk)  and the consultation period closes on 5 January 2011.  

Tags:
Posted in Uncategorized | Comments Off on DRAFT DATA SHARING CODE OF PRACTICE

Digital Agenda: EU Commission refers UK to ECJ over privacy and personal data protection

October 4th, 2010 by James Goudie QC

October 4th 2010 by James Goudie QC

The European Commission has decided (IP/10/1215) to refer the United Kingdom to the ECJ for not fully implementing EU rules on the confidentiality of electronic communications such as e-mail or internet browsing. Specifically, the Commission considers that UK law does not comply with EU rules on consent to interception and on enforcement by supervisory authorities. The EU rules in question are laid down in the ePrivacy Directive 2002/58/EC and the Data Protection Directive 95/46/EC. The infringement procedure was opened in April 2009 (IP/09/570), following complaints from UK internet users notably with regard to targeted advertising based on analysis of users’ internet traffic. These complaints were handled by the Information Commissioner’s Office, the UK personal data protection authority, and the police forces responsible for investigating cases of unlawful interception of communications. The Commission previously requested the UK authorities in October 2009 (IP/09/1626) to amend their rules to comply with EU law.

The Commission considers that existing UK law governing the confidentiality of electronic communications is in breach of the UK’s obligations both under the ePrivacy Directive and under the Data Protection Directive in three specific areas:

  •  there is no independent national authority to supervise the interception of some communications, although the establishment of such authority is required under the ePrivacy and Data Protection Directives, in particular to hear complaints regarding interception of communications
  • current UK law authorises interception of communications not only where the persons concerned have consented to interception but also when the person intercepting the communications has ‘reasonable grounds for believing’ that consent to do so has been given. These UK provisions do not comply with EU rules defining consent as “freely given, specific and informed indication of a person’s wishes”
  • current UK law prohibiting and providing sanctions in case of unlawful interception are limited to ‘intentional’ interception only, whereas EU law requires Member States to prohibit and to ensure sanctions against any unlawful interception regardless of whether committed intentionally or not.

Posted in Uncategorized | Comments Off on Digital Agenda: EU Commission refers UK to ECJ over privacy and personal data protection

PRIVACY OF INTERNET USERS, INTERNET FILE-SHARING AND COPYRIGHT: THE PRESENT “WILD WEST” AND THE DIGITAL ECONOMY ACT 2010

October 1st, 2010 by Julian Wilson

Scant regard for the principles of data protection and the protection of private information appears to be being paid in the current war being waged between internet file-sharers and copyright enforcers.

 

We appear to be at a critical point in this most topical saga, both legal and practical. The last few days have seen reports of all of the following: an expression of concern from the court over the use being made by copyright owners of Norwich Pharmacal Orders against Internet Service Providers to identify potential filesharers; a concerted cyber attack mounted against the computer servers of ACS Law, a solicitors’ firm notorious for its mass pursuit of alleged copyright infringing internet file-sharers; the leaking from ACS Law’s servers of the identities and sensitive personal data of ISP subscribers whose IP addresses had allegedly been identified as having been used to download copyrighted material (including pornography); the exposure of the fact that one of the ISPs had disclosed its subscribers’ personal data to that law firm under court order without first encrypting it; the reporting that this data was, allegedly, kept unencrypted; the dissemination of that data and the law firm’s financial and other records revealing the fundamentals of its controversial copyright enforcement processes; and the commencement of the appeal in Sweden of the defendants connected with Pirate Bay, the prominent filesharing enabling web-site.

 

What is more, a decision of the Administrative Court is expected imminently on the application of 2 ISPs for permission to judicially review the provisions of the Digital Economy Act 2010 governing online infringement of copyright (sections 3 to 18) in R, on the application of British Telecommunications Plc and Talktalk Telecom Group Plc –v-The Secretary Of State For Business, Innovation And Skills.

 

Those provisions of the Digital Economy Act were intended to bring an element of regulation into this present “Wild West”. Although the Act received Royal Assent on 8 April 2010, it was only debated, as a Bill, at a brief committee stage during the “wash up” period after the announcement of the general election.  Its provisions contemplate that those whose internet connections are used for repeated file-sharing of copyright material will be disallowed access to the internet by their ISP.  On 27 September 2010, the inventor of the internet, Sir Tim Berners-Lee likened being forced offline in this way to ‘imprisonment’ and attacked the Digital Economy Act’s lack of ‘due process’ as contrary to the Magna Carta.  High time then, to take stock.

 

File-sharing software (such as BitTorrent) enables internet users to share files and material stored on each other’s computers when they are connected to the internet. The software has many legitimate uses but it is also employed to upload and share digital media in breach of copyright protection. The software is available on the internet at file-sharing sites such as Pirate Bay. Internet monitoring technology cannot specifically identify those who engage in uploading and downloading files for unlawful sharing. The nearest it gets is the identification of the internet protocol address utilised by a file-sharer. This IP address belongs to the person who subscribes for the broadband internet connection which is utilised in the file-sharing. The IP address identifies the ISP and can be used by the ISP itself to identify its subscriber. 

 

Obviously, however, the internet connection may not be in the sole use of the subscriber himself and the subscriber may not be the file-sharer. A local wireless network may utilise the  internet connection and if the network is unsecured  access can be gained to the connection by anyone. Internet connections are also reported to be susceptible to hacking by serial file-sharers.

 

Copyright owners use monitoring agents to go on to the internet and search for their material to identify unauthorised sources, that is uploaders. The monitoring agents download the copyrighted material from such sources and thereby identify the IP address of the uploader. (According to the file-sharers, there are unscrupulous monitoring agents linked to copyright enforcers who incite unlawful downloading by themselves uploading the material so as to catch downloaders, and incompetent monitoring agents who misinterpret data and wrongly identify IP addresses as being involved in copyright infringement).

 

Armed with the IP addresses identified by the monitoring agents, law firms such as ACS Law and Gallant McMillan make applications in the Chancery Division for Norwich Pharmacal Orders against the ISPs requiring the ISPs as persons mixed-up in the wrongdoing of others to identify the names and addresses of the subscribers for the IP addresses used in the file sharing.  Most ISPs do not oppose the making of the Orders sought.  It is said that ISPs who have expressed an intention to oppose such Orders are never made respondents to avoid opposition being mounted. The court cannot gainsay the evidence of the monitoring agents on these applications; it does not have the requisite technical understanding. The Orders are therefore made without challenge. In response to the Orders, the ISPs disclose the identities and physical addresses of the subscribers.  As the identities of hundreds or even thousands are sought at one time, the court tends to order the ISP to disclose them by sending an encrypted disk. Some of the private information that recently leaked from ACS Law appears to have included BT PlusNet subscriber identities and addresses which BT PlusNet had allegedly disclosed to ACS Law pursuant to one such court order without putting it into encrypted form.

 

The law firms then make mass mailings of standard letters before action to the identified subscribers alleging copyright infringement and demanding the payment of damages under threat of legal action. ACS Law had written such letters to Sky subscribers whose connections had allegedly been used to view pornographic material. There are at least 3 aspects of these types of letters which are controversial. First, the demand is made of the subscriber even though he may not have been the file-sharer or have known of the file-sharing activity. There is no proof available at the time of sending the letters that the subscriber was the person who used the broadband connection to access the copyright material. Second, the threat of legal action which is used to require payment is not a real one: actions are not, in practice, being brought. Third, the sums demanded in compensation are said to be disproportionate to any possible loss suffered by the copyright holders.

 

There is much internet space given over to recipients of such letters complaining of the distress they cause to them and their families. Some of the private information belonging to ACS Law recently leaked and disseminated shows that a substantial sum of money has been collected from those recipients of these letters who pay up. The so called compensation was  shared between the copyright holders, the monitoring agents and the law firm. Some subscribers who paid up by credit card have had their credit card details, allegedly kept on ACS’ server, disseminated. Some subscribers did not respond to the letters. Others challenged the allegations (some using standard form defence material available on the internet). Some recipients of the letters claim they are the innocent victims of harassment. Another law firm is reportedly now preparing a group harassment action against ACS Law. ACS Law is already the subject of investigation by the SRA and now the Information Commissioner. 

It is reported that, on 20 September 2010, at the hearing of a Norwich Pharmacal application made by Gallant McMillan on behalf of Ministry of Sound in Ministry of Sound Recordings Ltd v Plusnet Plc, Chancery Master Winegarten expressed provisional concerns that the process followed after the making of these orders was leading to mis-accusations and that whilst thousands of letters before action were being despatched to internet subscribers, no-one was being sued.

In order to obtain Norwich Pharmacal relief, it is not necessary to undertake to bring an action only to show that no action could be brought without the information sought. The relief is available if the interests of justice require it even where at the time of the application, without  the disclosure, the applicant cannot yet establish that the source has committed the wrong suspected: P-v-T Ltd [1997] 1 WLR 1309.

 

Master Winegarten reportedly stated the view that the Digital Economy Act would shortly change the present unsatisfactory landscape. What will the new DEA landscape look like?   

 

Section 3 of the DEA 2010 inserts a new section 124A into the Communications Act 2003 and applies if it appears to a copyright owner that a subscriber to an internet access service has infringed the owner‘s copyright by means of the service; or has allowed another person to use the service, and that other person has infringed the owner‘s copyright by means of the service. It provides for the owner to make a copyright infringement report to the internet service provider who provided the internet access service. A copyright infringement report is a report that states that there appears to have been an infringement of the owner‘s copyright; includes a description of the apparent infringement and evidence of the apparent infringement that shows the subscriber‘s IP address and the time at which the evidence was gathered.

 

The internet service provider who receives the copyright infringement report must notify the subscriber of the report and include a statement that the notification is sent under this section in response to a copyright infringement report; the name of the copyright owner who made the report;  a description of the apparent infringement; evidence of the apparent infringement that shows the subscriber‘s IP address and the time at which the evidence was gathered;  information about subscriber appeals and the grounds on which they may be made; and advice, or information enabling the subscriber to obtain advice, about steps that a subscriber can take to protect an internet access service from unauthorised use.

 

The ISP may (under an initial obligations code to be promulgated by Ofcom) also be required to state that information about the apparent infringement may be kept by the internet service provider; that the copyright owner may require the provider to disclose which copyright infringement reports made by the owner to the provider relate to the subscriber; and that following such a disclosure, the copyright owner may apply to a court to learn the subscriber‘s identity and may bring proceedings against the subscriber for copyright infringement.

 

The new s.124B provides that an internet service provider must provide a copyright owner with a copyright infringement list for each subscriber for whom there are multiple (amount yet to be defined) copyright infringement reports made by the owner to the provider.

 

The new s.124G permits the Secretary of State to direct Ofcom to assess whether one or more technical obligations should be imposed on internet service providers to take a technical measure (limiting the speed of the broadband service provided or limiting access) against subscribers to its service for the purpose of preventing or reducing infringement of copyright by means of the internet.

 

Section 124K provides for subscriber appeals. A non-exhaustive list of grounds of appeal includes: that the apparent infringement to which the report relates was not an infringement of copyright; and that the report does not relate to the subscriber’s IP address at the time of the apparent infringement. Section 124K(5) provides that an appeal on any grounds must be determined in favour of the subscriber unless the copyright owner or internet service provider shows that the apparent infringement was an infringement of copyright, and  the report relates to the subscriber’s IP address at the time of that infringement. Section 124K(6) provides that the appeal must be determined in favour of the subscriber if the subscriber shows that the act constituting the apparent infringement to which the report relates was not done by the subscriber, and the subscriber took reasonable steps to prevent other persons infringing copyright by means of the internet access service.

 

2 things are clear: the subscriber will be held to account for any misuse of the internet connection through his IP address and the onus will be on him to appeal and prove that he was not the file-sharer and took adequate steps to prevent his internet connection from being used for copyright infringing file-sharing.

By their judicial review application, BT and TalkTalk contend that the provisions of the DEA represent a disproportionate response to concerns over unlawful peer-to-peer file sharing and are likely to have a significant impact on internet users, many of whom are likely to be wholly unconnected with any form of digital piracy on a commercial scale and that the requirements imposed by the DEA 2010 raise very serious concerns about the impact on the privacy of internet users and the confidentiality expected by subscribers in their dealings with ISPs.

Naturally, the main focus of the ISP’s JR application is the requirement the DEA 2010 places on ISPs set up and administer costly schemes in relation to the internet use of their subscribers, to amend substantially their existing data processing practices and to incur potential liability to their subscribers as a result of their actions. BT and TalkTalk state that they are disconcerted at the prospect of their being required to discharge an enforcement function on behalf of copyright owners in circumstances where no, or no adequate, provision has been made for the costs of doing so.

 

Tags: , , ,
Posted in Uncategorized | Comments Off on PRIVACY OF INTERNET USERS, INTERNET FILE-SHARING AND COPYRIGHT: THE PRESENT “WILD WEST” AND THE DIGITAL ECONOMY ACT 2010

BLAIR ON FOIA: REGRETS, I’VE HAD A FEW

September 1st, 2010 by Anya Proops

Tony Blair has given an interview in today’s Guardian in which he robustly defends (almost) all of his actions as Prime Minister. Notable exceptions include the ban on fox-hunting and, somewhat surprisingly, the Freedom of Information Act. Thus, Martin Kettle of the Guardian reports: Some things about his record in office he does not defend. One is the Freedom of Information Act. “It’s not practical for government,” he says. “If you are trying to take a difficult decision and you’re weighing up the pros and cons, you have frank conversations. Everybody knows this in their walk of life. Whether you are in business – or running a newspaper – there are conversations you want to have preliminary to taking a decision that are frank. And if those conversations then are put out in a published form that afterwards are liable to be highlighted in particular ways, you are going to be very cautious. That’s why it’s not a sensible thing.”’ Query whether the current PM would be prepared to make a similar declaration. You can find the article here.

Tags: ,
Posted in Uncategorized | Comments Off on BLAIR ON FOIA: REGRETS, I’VE HAD A FEW

DISSECTING PERSONAL DATA – BRYCE V INFORMATION COMMISSIONER

August 18th, 2010 by Anya Proops

Section 40 FOIA provides for a number of exemptions in respect of ‘personal data’. The exemption which is most frequently prayed in aid by public authorities is the one provided for under s. 40(2), read together with s. 40(3)(a)(i). In essence, under these provisions, information will be absolutely exempt from disclosure under FOIA if: (a) it amounts to personal data, as defined in s. 1 of the Data Protection Act 1998 (“DPA”) and (b) its disclosure would contravene one or more of the data protection principles provided for under schedule 1 to the DPA. In practice, it can be very difficult to apply this exemption, particularly where the information in issue may comprise personal data relating to a number of different individuals. It was precisely this issue which the Tribunal had to tackle in the recent case of Bryce v IC & Cambridgeshire Constabulary (EA/2009/0083). In Bryce, a request had been made by Ms Bryce for disclosure of a police investigation report. The report addressed concerns which had been raised by Ms Bryce and others about the way in which the Cambridgeshire Constabulary had investigated the death of Ms Bryce’s sister, who had been killed by her husband. The Tribunal held that the report contained a multiplicity of different types of personal data including: Ms Bryce’s personal data; the husband’s personal data; personal data relating to the husband’s family; the personal data of witnesses; personal data relating to the deceased’s family; and personal data relating to officers who had conducted the investigation. Apart from Ms Bryce’s own personal data, which was exempt from disclosure under s. 40(1) FOIA, the Tribunal approached the question of how the s. 40(2) exemption applied to the remaining data by conducting a discrete analytical exercise in respect of each type of data. It is clear from the Tribunal’s analysis that it was of the view that very different considerations applied, for example, in respect of officers’ data as compared with the data relating to the husband’s family. The key implication of this judgment is that a public authority will expose itself to challenge under FOIA if it simply adopts a blanket ‘one size fits all’ approach to information comprising diffuse types of personal data. The judgment is also notable in that it applies the approach to the concept of ‘personal data’ which was approved in Durant v Financial Services Authority, rather than the arguably more liberal approach embodied in the Commissioner’s guidance: Determining What is Personal Data’.

Tags: , ,
Posted in Uncategorized | Comments Off on DISSECTING PERSONAL DATA – BRYCE V INFORMATION COMMISSIONER

The scope of the Freedom of Information (Scotland) Act

August 5th, 2010 by James Goudie QC

The scope of the Freedom of Information (Scotland) Act is the focus of a Scottish Government consultation that began on 28 July 2010. The consultation seeks views on whether the existing legislation should be widened to cover a greater range of bodies who deliver public services in Scotland. Organisations under consideration are contractors who build and/or maintain schools, hospitals and roads; private prison operators; leisure, sport and cultural trusts set up by local authorities; Glasgow Housing Association and the Association of Chief Police Officers in Scotland. The consultation process will run for 14 weeks, until 2 November 2010. The organisations to be consulted are: trusts and bodies established by local authorities with responsibility for providing leisure, sport and cultural services, which deliver services of a major benefit, and receive significant public money; private; prison operators, which provide services normally provided centrally by Government; Glasgow Housing Association; the Association of the Chief Police Officers in Scotland, which oversees and coordinates the direction and development of the Scottish police services, and which receives significant public funding; and private contractors who build and/or maintain schools and hospitals, and those who operate and maintain trunk roads across Scotland, which are key areas of public service which are often delivered under private contract.

James Goudie QC

Tags:
Posted in Uncategorized | Comments Off on The scope of the Freedom of Information (Scotland) Act

LAW OF CONFIDENCE – THE TRUMP CARD IN MATRIMONIAL PROCEEDINGS

August 3rd, 2010 by Anya Proops

The Court of Appeal has recently handed down an important judgment on the application of the law of confidence in matrimonial proceedings: Tchenguiz & Ors v Imerman [2010] EWCA Civ 908. The background to the case was that an application for ancillary relief had been made by Mrs Tchenguiz Imerman (TI) against her husband, Mr Imerman. Fearing that Mr Imerman may seek to conceal the nature and extent of his assets in the context of the ancillary relief proceedings, one of TI’s brothers, possibly with the help of others, accessed a computer server in an office which Mr Imerman shared with TI’s brothers and then copied information and documents which Mr Imerman had placed on that server relating to his assets. In order to prevent TI relying on the information and the documents in the ancillary relief proceedings, Mr Imerman sought to restrain the defendants from communicating the information and documents which they had obtained to any third party (including TI and her lawyers). He also sought delivery up of all copies of the documents. Eady J granted the orders sought by Mr Imerman. The defendants appealed to the Court of Appeal. The central issue for the Court of Appeal was essentially whether TI should be allowed to use the information and documents in the context of the ancillary relief proceedings, despite the fact that they appeared to have been obtained by the defendants in breach of confidence and, hence, unlawfully.  The case was rendered particularly complex as a result of what is commonly known in matrimonial proceedings as the ‘Hildebrande rules’. Historically, these rules have been applied by the courts in matrimonial ancillary relief proceedings so as generally to allow individuals to rely on evidence as to their spouses’ assets notwithstanding that that evidence has been unlawfully obtained.

In summary, the Court of Appeal held as follows:

·         the information/documents had been unlawfully obtained by the defendants as they had been obtained in breach of confidence (and, further, in breach of Mr Imerman’s right to privacy);

 

·         it may be that the obtaining of the information/documents had also amounted to: (a) criminal conduct on an application of s. 17 of the Computer Misuse Act 1990; (b) unlawful processing of Mr Imerman’s personal data under s. 4(4) Data Protection Act 1998 (DPA); and, further, (c) a criminal act under s. 55 DPA; although having found that the information/documents were obtained unlawfully in breach of confidence, the Court did not need to reach a concluded view on these issues;

 

·         the question for the Court was whether it should effectively condone the illegal self-help methods adopts by the defendants simply because it was feared that Mr Imerman may behave unlawfully and conceal that which should be disclosed in the ancillary relief proceedings. The answer to that question was: ‘No’ (see para. 107). As the Court suggested:The tort of trespass to chattels has been known to our law since the Middle Ages and the law of confidence for at least 200 years, yet no hint of any defences of the kind now being suggested is to be found anywhere in the books’ (para. 117). Thus, the Hildebrande rules could not be justified on any grounds;

 

·         if there were concerns that an individual may seek dishonestly to conceal assets in the context of ancillary relief proceedings, the correct course would be for the spouse to seek to protect her/his position through lawful means, for example by applying to the court for an anton pillar order.

The judgment is important not least because it highlights the essentially inalienable nature of the common law rights to confidentiality and privacy. There is no doubt that the judgment will be controversial, not least because of concerns that it fails to recognise the significant power imbalance which often obtains between spouses in matrimonial proceedings. 

 

Tags: , ,
Posted in Uncategorized | Comments Off on LAW OF CONFIDENCE – THE TRUMP CARD IN MATRIMONIAL PROCEEDINGS

EU APPROVES FINANCIAL DATA TRANSFERS TO US FOR COUNTER-TERRORISM PURPOSES

July 28th, 2010 by Anya Proops

On 13 July 2010, the Council of Europe promulgated a decision whereby it approved an agreement between the EU and the US for the transfer of financial messaging data from the EU to the US, specifically for the purposes of the US’s Terrorist Finance Tracking Programme. The decision has now been published in the Official Journal for the EU. See further the Council decision dated 28 June 2010 confirming the signing of the agreement, which you can find here.

Tags: ,
Posted in Uncategorized | Comments Off on EU APPROVES FINANCIAL DATA TRANSFERS TO US FOR COUNTER-TERRORISM PURPOSES

TOWARDS A TRUE SINGLE MARKET OF DATA PROTECTION

July 16th, 2010 by James Goudie QC

Viviane Reding Vice-President of the European Commission responsible for Justice, Fundamental Rights and Citizenship, made a speech entitled “Towards a true Single Market of data protection” at a Meeting in Brussels, on July 14, 2010.  In her speech she said that we need a comprehensive and coherent approach so that the fundamental right to data protection is fully respected within the EU and beyond. She put forward five proposals.

 First, individuals’ rights should be strengthened by ensuring that they enjoy a high level of protection and maintain control over their data. Individuals need to be well and clearly informed, in a transparent way, by data controllers – be it services providers, search engines or others – about how and by whom their data are collected and processed. They need to know what their rights are if they want to access, rectify or delete their data. And they should be able to actually exercise these rights without excessive constraints.

Secondly, the internal market requires not only that personal data can flow freely from one Member State to another, but also that the fundamental rights of individuals are safeguarded. Provided that all data protection guarantees are in place and properly applied, personal data should freely circulate within the EU and, where necessary and appropriate, be transferred to third countries. This requires a level playing field for all economic operators in different Member States. This is currently not the case: indeed, one of the main concerns expressed by businesses in recent consultations is the lack of harmonisation and the divergences of national measures and practices implementing the 1995 Directive.  Further harmonisation and approximation of data protection rules at EU level is needed.

Thirdly, the current rules on data protection in the area of police cooperation and judicial cooperation in criminal matters should be revised.  Derogations to general data protection principles should be limited. They should not go beyond what is necessary and proportionate in order to pursue objectives of general interest, such as the fight against terrorism and organised crime, or the need to protect the rights and freedoms of others.

Fourthly, personal data must be adequately protected when transferred and processed outside the EU. To that end, the current procedures for international data transfers, including in the areas of police cooperation and judicial cooperation in criminal matters, will be improved, strengthened and streamlined.

Fifthly, EU monitoring of the implementation and enforcement by Member States of the existing rules to guarantee that individuals’ rights are actually respected will be a priority; the role of data protection authorities should be strengthened; and data protection authorities should be provided with the necessary powers and resources to be able to properly exercise their tasks both at national level and when cooperating with each other.

James Goudie QC

Posted in Uncategorized | Comments Off on TOWARDS A TRUE SINGLE MARKET OF DATA PROTECTION

« Older Entries
Newer Entries »