International Privacy

WPF Analysis: Implications of the Google Spain Case

The European Court of Justice has recently decided an important case involving privacy and search engines. The decision may have enormously broad implications for privacy, for search engines, and for the Internet as a whole. This brief analysis provides context and highlights of the court’s decision, with a discussion of the implications, which are far-ranging.

European Court of Justice rules affirmatively on “Right to be Forgotten” online

May 20 Update: see our full analysis of the ruling here.  In a ruling with far-reaching implications for online privacy, the European Court of Justice has ruled that online search companies are subject to the European Data Protection Directive, (Directive 95/46/EC) . Search engine companies that are based in the EU, or multi-national search engine

India Update: Talk, National Law University, New Delhi India

I was honored to address students at the National Law University, Delhi this past week about privacy in the US and global privacy trends and issues. The talk included a Q and A session, during which the students engaged in a spirited conversation about US policies regarding surveillance and privacy. I enjoyed the session thoroughly. The students asked challenging questions in particular about telecommunications policies and the idea of safety versus privacy and achieving proper balance.

Japan’s My Number program (マイナンバー法) gets independent Data Protection Authority Commissioner in early 2014

Japan — Under the mai nannbaa-ho (マイナンバー法) My Number Act (enacted May 13, 2013, also called the Social Benefits and Tax Number Act), Japan’s citizens will be assigned unique numbers to track income, social security, taxes, welfare and benefits, and certain information in disasters. Japan will start assigning numbers to its citizens in late 2015. The My Number Act brought with it concern about the use of the numbers as a unique national ID. As a result, Japan will establish a new independent Data Protection Authority called the Specific Personal Information Protection Commission, and will consist of a Chairman and six commission members. The Chairman and Commissioners will be appointed by Japan’s Prime Minister, and confirmed by Japan’s National Diet. The Commission will oversee the use of the new Social Security and Tax system numbers. Unlike many national ID numbering systems, Japan did not set up a centralized database for the numbers due to concerns about data breach and privacy.

Professor Hiroshi Miyashita from Japan’s Chuo University, and an Advisor to the Consumer Affairs Agency (CAA) — gave a talk Oct. 1 at a Privacy Laws & Business Asia Roundtable in London. He told PL& B that the new Commission is to “ensure the proper handling of personal numbers and other specific personal information, and provide guidance, advice and recommendations.” Professor Miyashita said enforcement powers will be limited to requiring reports and conducting on-site inspections. Additional documents regarding the new DPA indicate that there will be a role for the Commission in overseeing release of personal information in disasters, and that the Commission will also issue guidance regarding the use of identifying numbers.

Pam Dixon writes about India’s National ID Card in May/June issue of Foreign Policy Magazine

India’s national biometric ID card — In the May/June, 2013 issue of Foreign Policy Magazine, Pam Dixon writes about the privacy issues related to India’s national biometric ID card. In the piece, Mission Creep, Dixon discusses how government-issued biometric ID cards that serve as national ID cards and as the basis for employment and financial transactions create profound civil liberties and privacy challenges that are neither easily or well-constrained by government policy.