Privacy and social networking
In June 2009 the Article 29 Data Protection Working Party, an independent European advisory body on data protection and privacy set up under Article 29 of Directive 95/46/EC (“WP-29”), rendered an opinion on privacy law implications of social networking (“WP-163”). In its WP-163, the WP-29 defines a social network service as “online communication platform which enables individuals to join or create networks of like-minded users” and categorises them as being information society services, as defined in Article 1 paragraph 2 of Directive 98/34/EC as amended by Directive 98/48/EC. The WP-163 stresses that the key phenomenon of social networks lies in the fact that users are asked to provide sufficient information about themselves in order to create a thorough personality profile or description and that moreover such information can easily be distributed to others.
Privacy law requirements for ranking lists
It could be regarded as a consequence of the current economic crisis that more and more companies intend to introduce mechanisms of measuring the performance of their employees. There is the possibility of counting the hours an employee is present at work, the number of calls made for example by a call centre agent, the number of pieces of work produced by an industry worker or the number of new clients and the turnover produced by a sales employee.
Decision 2 BvR 902/06 of the German Constitutional Court: the end of email screening in the workplace?
According to the prevailing opinion in Germany, an employer allowing or tolerating the private use of the company’s e-mail system is treated as provider of telecommunication services. In this capacity the employer is inter alia obliged to respect the secrecy (cf. Sec. 88 German Telecommunication Act) and integrity of telecommunication with regard to his employees’ private e-mails. Non-compliance with these obligations can even be subject to criminal sanctions according to Sec. 206 German Criminal Code.
IT-security as a management obligation
As part of its obligation to orderly manage the company (cf. for example Sec. 43 Limited Liability Company Act) the company´s management is responsible for the initial implementation and the continued maintenance of an adequate IT-security within the company especially in order to prevent new risks for the company´s operational reliability.
U.S. Data Protection According to Safe Harbor: Changes after Decision by German Regulators
The so-called “Düsseldorf Group” made a decision this April regarding the legality of data transfers from Germany to companies in the U.S. that have agreed to the Safe Harbor Principles. This article will explain the consequences that this decision will have on the practice of data transfers.
Safe Harbor and Free trade agreement in the wake of the data privacy scandal
The free trade agreement planned between the USA and Europe is at peril of falling apart amidst acute political displeasure and resentment, and looming disputes surrounding the global enforceability of future European data privacy mandates.