ePrivacy Directive

19 April 2017 at 9:48am

Privacy online: is a separate Directive still needed?

Andrew Cormack
Data Protection Regulation
ePrivacy Directive
GDPRdevelopment
Now that the General Data Protection Regulation has been completed, the European Commission is reviewing the ePrivacy Directive. This law was introduced in 2002 as part of the telecommunications framework, and it was recognised at the time that it was likely to be largely replaced by a future general privacy law.
Read more
4 May 2016 at 3:15pm

Wifi location data

Andrew Cormack
Privacy
ePrivacy Directive
Data Protection Act
wifi
location
More than a decade ago the e-Privacy Directive mentioned "location data" in the context of telecommunications services. At the time that was almost entirely about mobile phone locations - data processed by just a handful of network providers - but nowadays many more organisations are able to gather location data about wifi-enabled devices in range of their access points.
Read more
3 March 2016 at 3:42pm

GDPR - the final text?

Andrew Cormack
Data Protection Regulation
incident response
Access Management
Cloud computing
Breach Notification
ePrivacy Directive
The European Council of Ministers have now published a proposed text for the General Data Protection Regulation. This still needs to be edited by the Commission's "lawyer-linguists" to check for inconsistencies, sort out the numbering of recitals and articles etc. But the working parties of both the Parliament and the Council have recommended that the resulting text should be adopted by the respective full bodies at meetings in the next couple of months.
Read more
30 June 2014 at 1:01pm

Incident Response and the Law

Andrew Cormack
incident response
#firstcon14
ePrivacy Directive
Privacy
At the FIRST conference this week I've heard depressingly many incident responders saying "our lawyers won't let us...". Since incident response, done right, should actually support the law's objectives, it seems we need to be smarter, and maybe a bit more assertive, about explaining how incident response and law interact.
Read more
15 August 2013 at 3:25pm

Bins, MACs and Privacy Law

Andrew Cormack
Data Protection Regulation
Privacy
ePrivacy Directive
A recent news story reported that a small number of litter bins in London were collecting a unique identifier from passing mobile phones and using these for some sort of "footfall analysis". There doesn’t seem to be much detail about the plans: it struck me that a helpful application could perhaps be look for the same phone passing slowly and repeatedly past, and display an "are you lost?" map on the bin’s advertising screen!
Read more
25 June 2013 at 3:30pm

Sharing to Win Privacy

Andrew Cormack
Data Protection Regulation
Privacy
ePrivacy Directive
incident response
#firstcon13
The theme of this week’s conference of the Forum of Incident Response and Security Teams (FIRST) is “Sharing to Win”. Perhaps inevitably, I’ve had a number of people (and not just Europeans) tell me that privacy law prevents them sharing information that would help others detect and recover from computer security incidents. If that’s right, then those laws are working directly against the privacy they are supposed to be protecting.
Read more
7 June 2013 at 10:33am

Can Internet Stability be Regulated?

Andrew Cormack
#tnc2013
Cybersecurity Directive
Resilience
ePrivacy Directive
A wide-ranging panel discussion at the TERENA Networking Conference considered the stability of the Internet routing system at all levels from technology to regulation. The conclusion seemed to be that at the moment the Internet is stable because two systems, technical and human, compensate effectively for each others’ failings. While improvements to increase stability may be possible, they must beware of disrupting the current balance or introducing new ways that it can fail.
Read more
6 June 2013 at 4:19pm

Privacy, Regulation and Innovation

Andrew Cormack
#tnc2013
Cookies
Data Protection Regulation
Privacy
ePrivacy Directive
Robin Wilton of the Internet Society gave a talk at the TERENA Networking Conference on the interaction between privacy, regulation, and innovation. It's a commonly heard claim that regulation stifles innovation; yet the evidence of premium rate phone fraud and other more or less criminal activities suggests that regulation can, in fact, stimulate innovation, though not always of the type we want.
Read more
3 January 2013 at 11:39am

ICC Cookie Guide updates

Andrew Cormack
Privacy
data protection
ePrivacy Directive
Cookies
The International Chamber of Commerce has published a revised version of its Cookie Guide, reflecting the new information that has been produced by the Information Commissioner and Article 29 Working Party since
Read more
4 December 2012 at 11:18am

New CAP rules on behavioural advertising

Andrew Cormack
Cookies
ePrivacy Directive
The Committee on Advertising Practice (CAP) has announced new rules on online behavioural advertising. UK advertisers will be expected to comply with these rules from 4th February 2013.
Read more
Subscribe to ePrivacy Directive