Georgetown Journal of International Law Online: Matt Klinger

Showing posts with label Matt Klinger. Show all posts

By Matt Klinger

Planning an adventurous bar trip abroad? Or an overseas adventure trip with the family? Before you book anything you may want to attend the British Standard Institute's (BSI) half-day event on managing risk in overseas adventurous activities.

The BSI is issuing a revised standard on the topic this spring that, among other things, provides new guidance on how to recognize a well-organized overseas venture. The event takes place April 15th in London and is free to the public.

April 13, 2014

By Matt Klinger

The prospect of developing an international data privacy regime seems low. But as Markus Heyder of the Center for Information Policy Leadership writes, promoting interoperability between existing national or regional standards may offer a practical near-term alternative.

"The basic idea behind interoperability," he writes "is that different privacy regimes can be made to work together through negotiated codes of conduct or similar schemes."

Heyder cites a recent publication by European Union authorities that seeks to help businesses simultaneously meet the privacy requirements of the E.U. and Asia-Pacific Economic Cooperation region. Heyder notes this effort may stimulate similar initiatives elsewhere.

April 09, 2014

By Matt Klinger

Recent moves by Asian governments show that privacy protection is not just a concern in the United States. and European Union.

For instance, just this month Japan issued a voluntary code of practice for businesses that collect and use personal data. In addition, earlier this year, Vietnam created new sanctions for certain violations involving data privacy, while the government of Hong Kong issued a best practices guide for developing a privacy management program.

These efforts add further complexity to the patchwork of privacy regulations and best practices companies should follow when operating in Asia.

April 07, 2014

By Matt Klinger

According to a recent New York Times article, scientists are busily at work attempting to resurrect the passenger pigeon from extinction. More than a billion of the birds once populated the eastern United States, but the last one died in 1914.

Scientists are now sequencing passenger pigeon DNA and developing elaborate plans to recreate the bird's cells, introduce them into an existing type of pigeon, breed the offspring, and eventually train the resulting passenger pigeon-like birds to behave as their "ancestors" did. With any luck, scientists believe a new population of passenger pigeons could be self-perpetuating by 2060.

The prospect may seem far-fetched but at least one animal has already been brought back from extinction, even if only briefly. The possibility of re-creating dead species has some envisioning Jurassic Park-like scenarios where woolly mammoths again roam Siberia. But, as Stanford Law professors Jacob S. Sherkow and Hank Greely note, the issue raises a host of legal questions. For instance, could de-extinct species be patented? Would they be "endangered?" And what regulations, domestic and international, should be in place to govern the process?

March 07, 2014

By Matt Klinger

In late February, Isabelle Falque-Pierrotin was elected to serve as the new chairwoman of the European Union's Article 29 Working Party, a group that plays an advisory role on data protection issues to both the European Commission and to the E.U. member states.

Falque-Pierrotin will face two major challenges in her new role: transitioning the E.U. to a new data protection regulation that likely will be implemented in the coming months and promoting international cooperation between data protection authorities.

In addition to serving a two year term as head of the Working Party, Falque-Pierrotin will continue to serve as the Chairwoman of the French Data Protection Authority (CNIL), a post she has held since 2011.

Earlier this year the CNIL handed down its highest financial penalty ever when it sanctioned Google 150,000 euros for violating several provisions of the French Data Protection Act.

March 05, 2014

By Matt Klinger

To prevent surveillance by the National Security Agency (N.S.A), some large companies with customers outside the U.S. are offering to store their client's data entirely abroad.

Microsoft, for instance, recently indicated it would give customers some choice about where their data is stored. Similarly, a Dutch telecom operator plans to set up servers in the Netherlands so that its encrypted data never leaves the country, while an alliance of German phone and internet operators have discussed doing a similar thing. Going even a step further, Brazil has considered legislation that would force companies like Facebook to store data on Brazilian users inside the country. And some European Union (E.U.) officials support requiring E.U. citizens' data to be stored within the union's borders.

But how effective are such measures likely to be? Not very, according to some analysts, including a retired deputy director of the N.S.A. It seems foreign countries that want to protect their citizens' data will have to benefit from legal reforms, such as changes to U.S. law or the adoption of a binding international instrument. But such measures are unlikely to take effect soon, if at all.

March 03, 2014

By Matt Klinger

The International Association of Privacy Professionals (IAPP) is holding its annual Global Privacy Summit March 5-7 in Washington, D.C. The event, which last year had over 1,000 attendees, includes discussions on all the most important, and contentious, privacy issues and speakers from across the globe. This year's panelists include senior regulatory officials, chief privacy officers of major corporations, and, of course, lawyers from academia and private practice. The summit also provides an opportunity to study and test for the IAPP's suite of professional certifications in privacy.

February 17, 2014

By Matt Klinger

In late January, the Federal Trade Commission (FTC) announced settlements with three professional football teams, a large internet service provider, and eight other companies over charges they falsely claimed compliance with a framework that allows the transfer of personal data from the European Union to the United States.

To comply with the framework, known as Safe Harbor, an organization must annually self-certify to the U.S Department of Commerce that it meets certain privacy protection requirements. But organizations that let their certification lapse, as some in the settlement agreement did, can no longer claim compliance.

Some observers question whether the announcement is an effort to mollify E.U. officials who have recently questioned the effectiveness of Safe Harbor. No matter the impetus, the FTC has made its commitment to enforcing Safe Harbor clear, and certified organizations should remain vigilant about their status.

February 07, 2014

By Matt Klinger

Last month the European Court of Human Rights (ECHR) fast-tracked a case filed by a London-based activist groups against the U.K. government for its alleged involvement in the U.S. National Security Agency's PRISM surveillance program.

The groups filed their complaint with the ECHR in September, alleging the U.K. intelligence services participating in PRISM were violating Article 8 of the European Convention on Human Rights. In particular, Article 8 requires that any government interference in an individual's private or family life must be "in accordance with the law" and "necessary in a democratic society." The U.K. government now has until May 2nd to respond to several questions from the court.

Axel Arnbak at Freedom to Tinker has insightfully analyzed how the court is likely to approach the case.

February 06, 2014

By Matt Klinger

Bitcoin has been in the news a lot lately. While the peer-to-peer currency is often associated with dodgy transactions involving contraband items, its use by the mainstream commercial market is expanding, slowly.

Baidu, China's analogue to Google, recently announced that it will accept payments in Bitcoin, and in October a Bitcoin ATM was unveiled in Vancouver. A recent Senate hearing on Bitcoin indicated the U.S. would not interfere with the currency's use, and Chinese officials have taken a similar stance.

All this positive press has given such a strong boost to Bitcoin's value that some commentators believe it has developed the hallmarks of a "classic bubble." Bitcoins traded at less than $15 earlier this year and are now trading at around $1,000. Many institutions, especially educational ones, will probably see this meteoric rise as simply too-good-to-be-true and not risk swallowing a potential loss on such a novel currency.

For now, paying tuition with Bitcoins seems a long way off.

December 10, 2013

By Matt Klinger

In response to concerns about government surveillance, the Internet Engineering Task Force (IETF), which develops technical standards for the internet, is working on a plan to expand the use of encryption on the web. Most web traffic today is exchanged under the hyper text transfer protocol (HTTP), an unencrypted medium. Some sites, however, like banks, online retailers, and Gmail, use HTTPS, which incorporates encryption into the exchange. The IETF hopes to produce a standard by the end of 2014 that encourages the use of HTTPS for all web traffic, although adoption by websites would not be mandatory.

Salon reports the IETF is also looking into make anonymous surfing of the web easier by expanding the use of Tor - a networking software that anonymizes web traffic. Journalists, activists, and others across the globe use Tor to protect their communications. Meanwhile, the U.S. National Security Agency and its British counterpart seem intent on cracking the software. Ironically, Tor's precursors were developed by the U.S. Department of Defense to safeguard its communications and the U.S. government reportedly still funds around 60 percent of Tor's development tab.

December 04, 2013

By Matt Klinger

"The first major statement by the UN on privacy in 25 years" appeared last month when the General Assembly's committee on humanitarian issues unanimously approved a resolution on "the right to privacy in the digital age."

Brazil and Germany, which recently learned the U.S. National Security Agency had intercepted the communications of their top leaders, sponsored the non-binding measure. The resolution calls on member states to review their legislation and practices regarding communications surveillance with an eye toward upholding the right to privacy. The resolution also calls for a U.N. report on the protection and promotion of privacy in the context of "domestic and extraterritorial surveillance . . . including on a mass scale."

The committee's consensus approval indicates the resolution will easily pass in the General Assembly when it comes up for a vote this December.

December 03, 2013

By Matt Klinger

In October, the European Commission's official data protection advisory group, the Article 29 Working Party, issued its latest guidance for complying with the EU's e-Privacy Directive (affectionately known as the "Cookie Directive").

Among other provisions the new guidance provides that when accessing a website, users must have access to "all necessary information" about the types and purposes of cookies used by the site. In addition, the guidance clarifies that a user's consent to place cookies on a device, which is required by the Cookie Directive, must be sought before cookies are set or read. Meanwhile, the Wall Street Journal reports that Google, Microsoft, and Facebook are each developing online tracking methods that could eventually make cookies, and the new guidance, obsolete.

November 01, 2013

By Matt Klinger

The Standing Committee of China's National People's Congress amended the country's law on consumer rights and interests last month, updating the law for the first time since 1993. In addition to increasing compensation to injured consumers and heightening penalties for violations of the law, the amendment also creates new limitations on the use of personal information. Businesses must now keep such information confidential and implement appropriate security safeguards to protect the data, according to Hunton & Williams.

The amendment, which takes effect in March, comes as internet sales in China hit more than $213 billion last year and the government seeks to further boost domestic consumption.

October 31, 2013

By Matt Klinger

The hype over Google Glass continues to build as the company looks to expand its Explorers testing program and reportedly has moored a barge in San Francisco bay to market the product.

Meanwhile, concern over the privacy implications of Glass do not appear to have abated following Google's response to questions from nine foreign data privacy commissioners in June. Articles discussing the privacy concerns Glass raises appeared in the United Kingdom, Japan, Canada, India, and elsewhere in the last month alone.

While the U.S. Federal Trade Commission did not join in the June letter, it is considering the privacy implications of wearable technology like Google Glass, and is hosting a workshop on the "Internet of things" next month.

GJIL would be happy to try Glass out for itself and develop its own opinion. Here's to hoping Google reads the Summit.

October 30, 2013

By Matt Klinger

The U.S. National Intelligence Council's (NIC) Global Trends 2030: Alternative Worlds provides an interesting perspective on technology and the future. According to the NIC, four technology "arenas" will shape global developments to 2030: (1) information technologies (like data solutions, smart cities, etc.); (2) automation and manufacturing technologies (like 3D printing and autonomous vehicles); (3) resource technologies (think genetically modified crops); and (4) health technologies (like human augmentation).

The impact of technology is among five potential "game-changers" the NIC identifies that could lead to four widely varying scenarios for 2030. These "potential worlds" largely vary based on the level of international cooperation to address global challenges and the power of non-state actors to confront (or contribute to) these issues.

Although the report doesn't make this point explicitly, the implication is clear: to avoid dangerous potential outcomes countries and individually need to develop appropriate legal regimes in concert to govern projected technological developments.

October 09, 2013

By Matt Klinger

Data privacy officials from across the globe gathered in Poland last week for the 35th Annual International Conference of Data Protection and Privacy Commissioners. The conference attendees adopted eight resolutions on various privacy issues including a call for increased cross-border cooperation in data privacy investigations and recommended safeguards for parties that engage in profiling.

Attendees also adopted a declaration addressing the "appification" of society. The declaration emphasizes that app developers should only collect data necessary for their product's performance and calls on operating system providers to offer more granular privacy settings on mobile devices. The commissioners warned that if their efforts to encourage better privacy practices regarding apps do not have "sufficient effect," they "will be ready to enforce . . . legislation in a global effort to reclaim user control."

October 02, 2013

By Matt Klinger

The Organization for Economic Cooperation and Development (OECD) recently updated its Guidelines governing the Protection of Privacy and Transborder Flows of Personal Data ("Revised Guidelines"). While the set of eight principles established in the original guidelines published in 1980 remain intact, the Revised Guidelines introduce at least three new concepts: (1) the importance of a coordinated national privacy strategy; (2) the need for privacy management programs within organizations; and (3) data breach security notification regimes.

In addition, the OECD has highlighted two themes that run throughout the Revised Guidelines. First is a "focus on the practical implementation of privacy protection through an approach grounded in risk management." Second is the "need for greater efforts to address the global dimension of privacy through improved interoperability."

These revisions help modernize the guidelines to accommodate vast changes in data generation and flows since 1980. They also serve, however, to highlight the enduring nature of the OECD's data protection principles.

September 30, 2013

By Matt Klinger

Enforcement of anti-corruption laws remains a top priority in the U.S. and abroad. Learn how to avoid violations of the U.S. Foreign Corrupt Practices Act (FCPA) at the AmericanBar Association's Sixth Annual National Institute on the FCPA from September 18 to 20.

The panelists will include senior officials from FCPA enforcement units at both the Securities and Exchange Commission and Department of Justice, as well as a senior counsel at the World Bank.

The keynote speaker at the event is slated to be Keir Starmer, QC, Director of Public Prosecutions for the U.K.'s Crown Prosecution Service.

August 31, 2013

What's on the mind:

Popular Posts

Staff

Symposia

Blog Archive

About Us