3 November 2009
See the previous workshops coverage
Moderator: Prof. Yves Poullet, Computing Research Centre, Facultés Universitaires Notre-Dame de la Paix (Belgium)
Mr. Pedro Martinez, Fiscal, Madrid High Court (Spain)
Data retention directive – scope to monitor citizens
Implementation in spain – software SITEL – part of Interpol. Discussion on spanish issues regarding wiretapping and data retetion directive ( The translator is doing a great job, but he has a rough time in keeping up with the speaker 🙂
Relationship between us and eu
Mr. Eddan Katz, Electronic Frontier Foundation (USA) .
inadequate protection of data.
Under the derogations – list of data that can be transferred – legal incertanty about it.
Unambigous consent – practical problems how can you differentiate between eu users and others…
Binding Corporate Rules – but is just for a few organisations
EU-US safe harbour principles presented.
Safe harbour issues – yearly registration at FTC (but only for commercial entities)
But Accountability is the problem.
But all this depands on having a DPA.
Mr. Ivan Ferrando Perea, President, CENTIC (Peru)
Cross border flow – consideration from developping countries
We need a global privacy strandard- is private sector an ally in this search for a global standards ? Not likely
The lesser privacy – the more competiteveness.
Self regulation is not present in this scenario. Companies do not produce self-regulation -a good number of multinational companies apply a privacy standard lower than the one in their countries – so the civil society and developped countries are the one that should lead the topic.
A global standard can’t be based on self-egulation, needs to be a legisltion with a list of minimum standards. Global standard needs to be a comittment to adop DP legislation.
Mr. Nigel Waters, Australian Privacy Foundation (Australia)
TRansboder data flows are essential for several sectors (transport, etc.)
Big question of monitoring and enforcement. See if there are derrogation.
In Australia there are very wide exemptions and the DPA might not apply the rules.
2 types scenario:
1.Transfer of data for filling a purpose of the consumer – in this case he just needs to be informed.
2. When the private company and a govt asks for the private data to flow. In those cases the individual has almost no information or rights. Suggested: destination govt to respect human rights and principles.
Mr. Francisco Javier “Patxi” Sanjuan, UGT, Member of CLI (Spain)
Companies discovered to transfer of data and reduce costs – the changes are also affecting workers. Protecting tools for workers and their privacy … (why would anyone read so much text ? 😉
Mr. Gus Hossein, Privacy International (UK)
A modest proposal – stop focusing on transborder data flows that much. 🙂 (even though PI fought PNR, SWIFT, etc.)
Let’s stop using transborder data flows as a Trojan horse. Just having a DP Act is not enough.
PI spoke with refugees, work with UN. There is a privacy dynamic – so let’s focus on capacity building.
What is capacity building ? – civil society, consumer groups – privacy is not a new domain.
</end session>Author : Bogdan