Privacy trends 2014

Regulations fall behind as new technologies emerge

  • Share

Today’s privacy regulations, as well as those being considered by regulatory bodies around the world, seem completely inadequate to protect individuals from the privacy risks emerging technologies present.

Yet, in the face of the daunting challenges ahead, participants at the 34th International Conference of Data Protection and Privacy Commissioners met in Uruguay in October 2012 to forge on.

They acknowledged both the progress many nations had made to improve privacy legislation, as well as the setbacks resulting from rapidly evolving technology and globalization. And they implored all parts of the world to review their data protection and privacy rules through the lens of consolidation and cooperation.

In 2013, participants at the 35th International Conference of Data Protection and Privacy Commissioners continued their progress by adopting eight new declarations and resolutions that delved deeper into the issues raised the year before. Four resolutions focused on technology challenges (“appification,” profiling, digital education and webtracking), two addressed better coordination among jurisdictions (enforcement coordination and international law), and one urged greater transparency on what data organizations are collecting and why (openness).

At a more granular level, many government bodies at federal and state levels are continuing to update their breach notification laws.

Unfortunately, the massive intelligence leak by former US intelligence contractor Edward Snowden has cast a pall on the goals of cooperation. In fact, the Snowden affair has so eroded trust among nations that the European Union is considering a motion to suspend the US–EU Safe Harbor Framework.

Once a respected guideline for US organizations to provide satisfactory protection for personal data of EU residents as required by the European Union’s Directive on Data Protection, the Framework now lies in limbo. This leaves Binding Corporate Rules (BCR) as one of the few frameworks available for global organizations to adhere to when seeking to transfer data of EU residents across borders.