Data Protection Law
Data Protection Law deals with the security of the electronic transmission of personal data. As of yet, the United States does not have any centralized, formal legislation at the federal level regarding this issue, but does insure the privacy and protection of data through the United States Privacy Act, the Safe Harbor Act and the Health Insurance Portability and Accountability Act.
U.S. Sectoral Approach
The United States follows what is referred to as a 'sectoral' approach to data protection legislation. Under this approach, the laws of data protection and privacy rely on a combination of legislation, regulation, and self-regulation rather than governmental interference alone. Since the Clinton administration, the U.S. has followed a policy geared toward allowing the private sector to lead the way in data protection. This means that companies should implement their own policies, develop their own technology, and individuals should self-regulate to prevent the dissemination of their private data. Pursuant to this policy, the US has not yet developed a single, federal data protection law.
European Data Protection Laws
The European Union, on the other hand, has a unified data protection law called the Data Protection Directive. The EU's Data Protection Directive regulates the processing of personal data within the European Union and is an important component of the EU's privacy and human rights law. However, recognizing the need to modify this law to deal with globalization and technological developments, the European Union prepared a draft European General Data Protection Regulation that will supersede the Data Protection Directive, which is targeted for adoption in 2014 and to become effective in 2016. The existing Data Protection Directive, in simplest terms, asserts that personal data should not be processed at all, but if it is, it must fall within certain categories of transparency, legitimate purpose, and proportionality. The proposed law would expand the data protection regime currently in place to cover all international companies doing business in the EU.
U.S. Ad Hoc Privacy Laws
Under the U.S. Sectoral approach, however, privacy legislation tends to be sparse and only adopted on an ad hoc basis, with legislation arising when circumstances require. These laws usually only apply to situations in which individuals would not be able to control the use of their data through self-regulations. Examples include the Video Privacy Protection Act of 1988, the Cable Television Protection and Competition Act of 1992, and the Fair Credit Reporting Act.
American Privacy Law Traditions
The reasoning behind the U.S. approach to privacy laws has as much to do with American laissez-faire economics as with its legal tradition. For example, while the U.S. has prized its right to free speech so dearly that the very first amendment to the U.S. Constitution protects it explicitly, the Constitution does not have an explicit right to privacy. The U.S. Supreme Court has found a right to privacy implied by the terms of other portions of the Constitution, and many states have explicit privacy rights in their state constitutions, but on a federal level there is no express constitutional guarantee to privacy. As a result, there is similarly no constitutional framework upon which to build a single data privacy act, making the ad hoc approach much more compatible with the American system of government
For more information on data protection laws, please refer to the materials found below on this page. Moreover, should you need the assistance of an attorney to protect your rights as related to a data protection issue, whether as a person or entity that acquires and uses this data or as one who is afraid of the misuse of your personal information, you can find a list of attorneys in your area by visiting our Law Firms page.
Articles on HG.org Related to Data Protection Law
- Where Is It Legal to Put Surveillance Cameras?In an increasingly surveillance-based society, it may seem that cameras are everywhere around us. If you look around, you may find cameras in unexpected places that you pass on a daily basis. But, how far can all of this surveillance go? Are there places that cameras are not allowed? Where is it legal to put surveillance cameras?
- 10 Privacy Laws To Speed Read Before You Record Your ExWhen facing a contested divorce situation, husbands and wives are tempted to record each other with the hope to improve their individual divorce outcome. This article is a reminder that while your high tech gizmo may enable you to intercept some valuable dirt on your ex, privacy law likely prohibits it.
- Every Book Ever Written Soon to be Searchable on the Internet Thanks to Fair Use DoctrineVirtually anyone who has used the Internet outside of China has heard of the search engine giant Google (China blocks Google and has its own domestic search engine). But, many did not know that in 2002, one of Google's founders, Larry Page, had a plan to put every book ever written on the Internet. The plan stalled after legal troubles, but may now be back on track thanks to the Fair Use Doctrine.
- Do You Have a Right to Privacy?Frequently, we hear people refer to a right to privacy, and many surveys even show that most Americans even believe that it is a specific right under the Constitution (though they cannot agree as to which amendment it is). In reality, there is no amendment that specifically protects privacy, though it has been recognized in several U.S. Supreme Court cases.
- Secret Court Ruling Explains Government's Legal Justification for Warrantless Collection of Phone DataSince the revelation by former government contractor, Edward Snowden, that the federal government had been spying on US citizens for years, the opinions of both the public and a number of elected officials have shown strong disapproval for this conduct.
- Defamation: What it is and How to Deal with ItDefamation is when someone tells one or more persons an untruth about you, and that untruth harms your reputation. Defamation is the general term, while slander and libel refer to particular types of defamation. Libel is a written defamation, and slander is verbal. There are three key factors to consider when deciding whether a defamatory statement should be taken to court.
- The Liability of Recording OthersThough many people today take advantage of modern technology and record meetings or conversations for their own purposes or preservation, it would behoove them to know about the liabilities listed in the New Jersey Wiretapping and Electronic Surveillance Control Act.
- Your New Hire’s Non-Compete AgreementFor years you’ve admired your top competitor’s ability to design and market new products that have, much to your frustration, consistently outsold yours. Now one of the key members of your competitor’s marketing team is sitting in your office asking YOU for a job. As he describes to you how he thinks he can position your products for triple-digit sales growth, you can’t help but think to yourself, “is this too good to be true?”
- Is it Time to Update Your Company’s Non-Disclosure/Non-Compete Agreement?An employee non-disclosure/non-competition agreement (NDA/non-compete) is a vital part of any company’s intellectual property protection program. Too often though, companies use the same form agreement for years even though its legal value may have eroded due to changes in the law or changes in the business. The following are some things to consider in determining whether it may be time to update your company’s NDA/non-compete.
- Chick-Fil-A, Thomas Menino, and the First Amendement – Interview with Dustin HeckerOn the 20th of July, Boston mayor Thomas Menino sent Dan Cathy, President of Chick-Fil-A, a strongly worded letter discouraging him from expanding his enterprise into his city. Proponents of both figures hastily emerged to voice their opinions on this issue. It seems that the scale ultimately tipped in favor of Cathy, as evidenced in Chick-Fil-A’s record breaking sales in the aftermath known as “appreciation day.”
- All Science and Technology Law Articles
Articles written by attorneys and experts worldwide discussing legal aspects related to Science and Technology including: biotechnology, chemical law, computer and software, data protection, information technology, internet law, research and development, telecommunications law.
Data Protection Law - US
- Data Protection Directive - Wikipedia
The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) is a European Union directive which regulates the processing of personal data within the European Union. It is an important component of EU privacy and human rights law.
- Health Insurance Portability and Accountability Act
The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. As the industry has implemented these standards, and increased the use of electronic data interchange, the nation's health care system will become increasingly effective and efficient.
- OECD - Working Party on Information Security and Privacy (WPISP)
The OECD is a unique forum where the governments of 30 member countries work together with business and civil society to address the economic, social, environmental and governance challenges of the globalising world economy, as well as exploit its opportunities.
- United States Privacy Act
The Privacy Act Issuances, 2005 Compilation Online Database contains descriptions of Federal agency systems of records maintained on individuals and rules agencies follow to assist individuals who request information about their records.
- US, EU and Swiss Safe Harbor Frameworks
The U.S. Department of Commerce in consultation with the Federal Data Protection and Information Commission of Switzerland developed a "Safe Harbor" framework to bridge the different privacy approaches between the two countries and provide a streamlined means for U.S. organizations to comply with the Swiss data protection law. This website also provides the information an organization should need to evaluate – and then join – the U.S.-Swiss Safe Harbor Framework.
Data Protection Law - International
- Data Protection Laws Around the Globe
Information Privacy is an International concern. Today, most countries have laws protecting personal data from misuse and destruction. Regulation and enforcement of data protection varies from country to country.
- Data Protection Legislation
In 2012, the Commission proposed a major reform of the EU legal framework on the protection of personal data. The new proposals will strengthen individual rights and tackle the challenges of globalisation and new technologies.
Organizations Related to Data Protection Law
- Center for Democracy and Technology - Data Security/Breach
New technology has created powerful new ways to gather, store, sort, analyze, locate, correlate, and disseminate data. This has enabled increasingly intensive use of personal data, which can deliver significant benefits. But the growing use of personal data raises a host of privacy challenges as well.
- Electronic Privacy Information Center (EPIC)
EPIC is a public interest research center in Washington, D.C. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values.
- Privacy International
Privacy International (PI) is a human rights group formed in 1990 as a watchdog on surveillance and privacy invasions by governments and corporations. PI is based in London, England, and has an office in Washington, D.C. We have campaigned across the world to protect people against intrusion by governments and corporations that seek to erode this fragile right. We believe that privacy forms part of the bedrock of freedoms, and our goal has always been to use every means to preserve it.
- Privireal - United States Data Protection
The USA has no comprehensive data protection legislation. Although a signatory to the 1981 OECD Guidelines, the USA has not implemented them domestically. Instead, a sectoral approach, with a mix of legislation, regulation and self-regulation, is utilised. The introduction of Directive 95/46/EC could have therefore restricted the ability of US organisations to engage in transactions with their European counterparts, for it prohibited the transfer of personal data to non EU states that do not meet the "adequacy" standard for the protection of privacy.
Publications Related to Data Protection Law
- CIPP Guide for Privacy Professional
The CIPP Guide provides reliable and accurate information to the privacy professional arena. We hope individuals seeking the Certified Information Privacy Professional designation will find further substance specifically targeted at their CIPP pursuit.
- EPIC Alert
The EPIC Alert, a bi-weekly publication of the Electronic Privacy Information Center in Washington DC, covers issues related to privacy and civil liberties in the information age. Each issue contains: * detailed articles on privacy developments in the US and around the world * briefing reports on breaking privacy news * book reviews of the latest privacy-related publications * listing of upcoming privacy conferences and events.
- Guidelines for the Security of Information Systems and Networks
These guidelines apply to all participants in the new information society and suggest the need for a greater awareness and understanding of security issues, including the need to develop a "culture of security" - that is, a focus on security in the development of information systems and networks, and the adoption of new ways of thinking and behaving when using and interacting within information systems and networks. The guidelines constitute a foundation for work towards a culture of security throughout society.