Data Protection Commissioner issues Election Warning

Posted on January 28, 2011 by John Cahir

The Data Protection Commissioner has written to political parties this week cautioning them about communicating with individuals by text, email or phone in the forthcoming General Election.

The Commissioner, Mr Billy Hawkes, advised candidates that they should avoid sending electoral messages to persons other than those who could “reasonably be assumed to consent to receipt of such messages”, such as party members for example.

 

The warning from the Commissioner comes in the wake of a large number of complaints following on from the June 2009 local election campaign, a lot of cases in which the individual had no prior contact with the political party and had voiced concern at the manner in which their details were sourced. Investigation into the complaints revealed that contact details had been obtained from third party sources such as friends, colleagues, sports clubs and schools. The Commissioner has advised the political parties not to attempt to obtain or use contact information from third parties in this way.

 

The restrictions placed on direct marketing by the Data Protection Acts do not apply however to direct mailing carried out in the course of political activities by a political party or its members. Candidates are permitted to send letters and leaflets to anyone on the Registrar of Electors.

Tags:

New Working Party Opinion Relevant to Cloud and Social Network Providers

Posted on January 21, 2011 by Mark Rasdale

On 16 December 2010, the collective of EU data protection authorities, the Article 29 Data Protection Working Party, adopted “Opinion 8/2010 on applicable law”. The Opinion (which while not legally binding is important guidance on how to apply EU data protection law) seeks to clarify the scope of application of the EU Data Protection Directive 95/46/EC.

Recent developments in technology solutions are presenting challenges to the existing data protection framework. This Opinion is therefore timely and it contains numerous references to cloud computing and social networking. There are clear signs that legislative change (in the mid to longer term) to deal with these developments is inevitable.

The Opinion gives useful case examples for multinational businesses of how data protection law should be applied and in doing so acknowledges the, sometimes significant, practical burden that the application of current data protection law can present for multinational businesses.

There is some confusion amongst cloud providers and customers alike about what data protection laws will apply. This Opinion clarifies that the place where data are sent or located (and the nationality or place of residence of data subjects) does not determine applicability of data protection law. What is required is an analysis of the corporate context in which the processing is carried out. 

As the market for cloud solutions develop, the sophistication of cloud provider contracts will increase. Knowing where the data protection ‘buck stops’ is key. Similar considerations apply in the social networking sphere where increasingly companies are using social media as a customer facing business tool. This Opinion highlights that in the cloud, both the user and the provider of the cloud service can be a data controller. Cloud computing contracts should reflect this and allocate responsibility accordingly.

Tags:

Report on the Application of Directive 2004/48/EC

Posted on January 14, 2011 by Brian McElligott

 

On 22 December 2010, the European Commission published a report on the impact and implementation of Directive 2004/48/EC on the enforcement of intellectual property rights, which came into force on 20 May 2004 and which was implemented by Ireland under European Communities (Enforcement of Intellectual Property Rights) Regulations 2006 (SI 360 of 2006).

The Commission notes that while noteworthy progress in enforcement has been made since the Directive was implemented, the sheer volume and financial value of intellectual property rights infringements is "alarming". It cites one reason for this as being the opportunities offered by the internet to facilitate infringement - a challenge the Directive was not designed to address.

It also notes that several issues deserve further attention, for example the need to clarify the meaning of various corrective measures e.g. the calculation of damages. 

The Commission welcomes feedback from all interested parties on this report by 31 March 2011.

Tags: