The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), has recently issued its largest fine to date against a single data controller, for breaches of the Data Protection Act 1998 (the DPA).
This latest fine, of £120,000 imposed on Surrey County Council, continues a string of increasing financial penalties imposed by the ICO following the bolstering of its enforcement powers by the Criminal Justice and Immigration Act 2008 in April 2010. Since then, the ICO
Google has consented to the entry of a proposed Agreement Containing Consent Order with the US Federal Trade Commission, subjecting the company to sweeping government oversight of its privacy disclosure and product development and release practices, nominally arising out of the roll-out of its Buzz product in February 2010. The auditing and reporting requirements are staggering in scope, breadth and duration, reaching Google’s entire business, not merely online communication products such as Gmail. One interpretation of the (rather amazing) document
A court in the United Kingdom has cast doubt on whether IP addresses can be used to identify infringement of copyright by a specific individual. In this post, we ask whether this case impacts the generally accepted view in Europe that IP addresses should be treated as personal data under applicable data privacy laws.
The case of Media CAT Limited v Adams & Ors [2011] EWPCC 6 involved allegations that a number of defendants had infringed copyright in pornographic films
The First Chamber of the German Federal Supreme Court decided on the permissibility of outbound advertising calls on the basis of a so-called “double-opt-in” (judgement dated February 10, 2011 – I ZR 164/09 – Telefonaktion II). The full reasoning of the decision has not been published yet. But the press release already gives important clues as to the Court’s considerations.
A local healthcare insurance company had called consumers whose telephone numbers had been collected in the course of a lottery.