Data Privacy Law

The rapid development of information technology has exacerbated the need for robust personal data protection, the right to which is safeguarded by both European Union (EU) and Council of Europe (CoE) instruments. Safeguarding this important right entails new and significant challenges as technological advances expand the frontiers of areas such as surveillance, communication interception and data storage. This handbook is designed to familiarise legal practitioners not specialised in data protection with this emerging area of the law. It provides an overview of the EU’s and the CoE’s applicable legal frameworks. It also explains key case law, summarising major rulings of both the Court of Justice of the European Union and the European Court of Human Rights. In addition, it presents hypothetical scenarios that serve as practical illustrations of the diverse issues encountered in this ever-evolving field.

"Canada has distinguished itself as a pioneer in the oversight of privacy and data protection through a co-regulatory approach that balances industry initiative with government protection of consumer preferences and citizen concerns. Incorporating key elements of the European and American approaches, Canada is the first North American country to enact comprehensive data protection regulation that sets appropriate standards for privacy practices across the country. In recognition of Canada's unique position, the International Association of Privacy Professionals (IAPP) has created the first credentialing program in Canadian privacy. The Certified Information Privacy Professional/Canada (CIPP/C) is the first certification to be designed by Canadian privacy officers for the benefit of information management professionals who work in the Canadian private sector. Canadian Privacy: Data Protection Law and Policy for the Practitioner is the official reference for the CIPP/C program. It brings into focus all of the notable Canadian data protection laws and standards including: The Privacy Act of Canada; The Personal Information and Electronic Documents Act ("PIPEDA"); The Personal Information Protection Acts of Alberta and British Columbia (the "PIPAs"); The Personal Health Information Protection Act of Ontario ("PHIPA"); The private sector Act of Québec ("Loi sur la protection des rensiegnments personeels dans le secrteur privé [sic]"); the Generally Acceptable Privacy Principles ("GAPP"). Canadian Privacy is a valuable reference for Canadian corporate privacy officers as well as any professional who is responsible for the information risk management, information security, information auditing or legal compliance needs of clients or organizations based in Canada."--P. [4] of cover.

A survey of Data Privacy and Security Laws worldwide with helpful explanations. What do Target, Google, Apple and Samsung all have in common? If you answered multimillion dollar fines for data privacy violations, you¿d be right.But you don¿t have to be Google to face a crippling lawsuit that could threaten the future of your business. Written in accessible language by experienced US and internationally-qualified professionals, Data Privacy: A Practical Guide enables business people to develop a quick and sound understanding of a company¿s legal obligations to protect client data.This book answers questions like: Which are the key data privacy law standard-setting bodies in the US and internationally? To what extent does cross-border selling expose you to data privacy compliance risks in foreign countries? Can you effectively offload your legal responsibilities to protect customer data to outsourced third-party service providers like web hosts and payment processors? What are your legal obligations after discovering a data privacy breach? What legal risks are involved in Web-based file sharing services like Dropbox? At what stage must you appoint a Data Protection Officer? How to document your company¿s compliance with its data privacy policy? ...and many more. Concrete examples are introduced throughout the text and are annotated to illustrate the implications of applicable laws on data privacy policies. Essential summaries ensure that key applicable laws of the US, Canada, EU, Australia, and several emerging markets are taken into account when designing your company¿s data protection policies. We also provide specific recommended courses of action to follow to mitigate liability following a data privacy breach. If you are creating, managing or complying with data privacy policy in an organization, this book was written for you.

This book provides a snapshot of privacy laws and practices from a varied set of jurisdictions in order to offer guidance on national and international contemporary issues regarding the processing of personal data and serves as an up-to-date resource on the applications and practice-relevant examples of data protection laws in different countries. Privacy violations emerging at an ever-increasing rate, due to evolving technology and new lifestyles linked to an intensified online presence of ever more individuals, required the design of a novel data protection and privacy regulation. The EU General Data Protection Regulation (GDPR) stands as an example of a regulatory response to these demands. The authors included in this book offer an in-depth analysis of the national data protection legislation of various countries across different continents, not only including country-specific details but also comparing the idiosyncratic characteristics of these national privacy laws to the GDPR. Valuable comparative information on data protection regulations around the world is thus provided in one concise volume. Due to the variety of jurisdictions covered and the practical examples focused on, both academics and legal practitioners will find this book especially useful, while for compliance practitioners it can serve as a guide regarding transnational data transfers. Elif Kiesow Cortez is Senior Lecturer at the International and European Law Program at The Hague University of Applied Sciences in The Netherlands.

Companies, lawyers, privacy officers, compliance managers, as well as human resources, marketing and IT professionals are increasingly facing privacy issues. While plenty of information is freely available, it can be difficult to grasp a problem quickly, without getting lost in details and advocacy. This is where Determann’s Field Guide to Data Privacy Law comes into its own – identifying key issues and providing concise practical guidance for an increasingly complex field shaped by rapid change in international laws, technology and society

Class actions in privacy law are rapidly growing as a legal vehicle for citizens around the world to hold corporations liable for privacy violations. Current and future developments in these class actions stand to shift the corporate liability landscape for companies that interact with people’s personal information. Privacy class actions are at the intersection of civil litigation, privacy law, and data protection. Developments in privacy class actions raise complex issues of substantive law as well as challenges to the established procedures governing class action litigation. Their outcomes are integral to the evolution of privacy law and data protection law across jurisdictions. This book brings together established scholars in privacy law, data protection law, and collective litigation to offer a detailed perspective on the present and future of collective litigation for privacy claims. Taking a comparative approach, this book incorporates considerations from consumer protection law, procedural law, cross-border litigation, tort law, and data protection law, which are key to understanding the development of privacy class actions. In doing so, it offers an analysis of the novel challenges they pose for courts, regulatory agencies, scholars, and litigators, together with their potential solutions.

As jurisdictions increasingly pass new cybersecurity and privacy laws, it is crucial that attorneys secure a working knowledge of information technology to effectively advise organizations that collect and process data. This essential book—now extensively updated to reflect the dramatic legal changes that have taken place in the few short years since its first edition—remains the preeminent in-depth survey and analysis of privacy and cybersecurity laws worldwide. It also provides a deeply informed guide on how to apply legal requirements to protect an organization’s interests and anticipate future compliance developments. With detailed attention to relevant supranational, regional, and national privacy and data protection laws and frameworks, the author describes and analyzes the legal strategies and responsibilities attached to the following and more: prompt, secure ways to identify threats, manage vulnerabilities, and respond to “incidents” and data breaches; most common types of cyberattacks used today; transparency and consent; rights of revocation, erasure, and correction; de-identification and anonymization procedures; data localization; cross-jurisdictional data transfer; contract negotiation; encryption, de-identification, anonymization, and pseudonymization; and Artificial Intelligence as an emerging technology that will require more dynamic and challenging conversations. Balancing legal knowledge with technical awareness and business acumen, this book is an indispensable resource for attorneys who must provide advice on strategic implementations of new technologies, advise on the impact of certain laws on the enterprise, interpret complex cybersecurity and privacy contractual language, and participate in incident response and data breach activities. It will also be of value to other practitioners, such as security personnel and compliance professionals, who will benefit from a broad perspective exploring privacy and data protection laws and their connection with security technologies and broader organizational compliance objectives.