tag:blogger.com,1999:blog-6974997875021040765.post6688235779825409897..comments2024-03-12T12:04:59.304+01:00Comments on Peter Fleischer: Privacy...?: The "adequacy" regime is inadequateAnonymoushttp://www.blogger.com/profile/09908660263905877338noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-6974997875021040765.post-10990433555794087332010-09-10T15:12:47.740+01:002010-09-10T15:12:47.740+01:00I happened quite belatedly to read Peter's com...I happened quite belatedly to read Peter's comments. In 2004 Ponemon Institute published a survey comparing actual privacy levels as between Canada and the US, concluding that actual levels were higher in Canada. Some time later, I read that survey and on behalf of my firm, commissioned Ponemon to conduct a similar survey comparing actual levels of privacy in the EU with those in the US. That survey was released in April 2006, and concluded that actual levels were higher in the US, confirming Peter's view that "on the ground" in the privacy arena, the EU approach may not be superior to the US approach.David Bendernoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-26659119386170506212010-01-26T09:09:24.910+01:002010-01-26T09:09:24.910+01:00I agree completely.
Notwithstanding, am not agree...I agree completely.<br /><br />Notwithstanding, am not agree with your view of making user responsible, APEC framework approach.<br /><br />People could not digest all privacy application management PETs every visited site on Internet is providing. And, as you said in previous post, there are many private data treated on Internet without our knowledge.<br /><br />What about a centralised model Creative Commons style rules of private data treatment rules. Or will it finish our anonymous web surfing navigation?<br /><br />This comment is all right reserved - copyright ;-p<br /><br />RegardsÁlvaro Del Hoyohttps://www.blogger.com/profile/01953024271095733531noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-52357263394094335022010-01-20T15:25:50.622+01:002010-01-20T15:25:50.622+01:00Agree with your thoughts on adequacy. Some questi...Agree with your thoughts on adequacy. Some questions into the mix:<br /><br />1. Who declared the EU adequate? <br />2. How is data tranferred from the EU to the world's three largest economies (US, Japan, and China) even though none of them are adequate? (SH only covers a specific sector of com'l info).<br />3. Where is the transparency to adequacy?<br />4. Can there only be one way to protect personal data?<br />5. Is sitting in judgment of another country's legal framework contrary to int'l relations?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-31243416087079177742010-01-19T20:16:00.400+01:002010-01-19T20:16:00.400+01:00I suppose the "adequacy" label as a star...I suppose the "adequacy" label as a starting point isn't a bad thing. In other words, "adequate" as a minimum standard, not as an aspirational level of protection.<br /><br />I quite agree that organizations controlling and owning data need to take full responsibility to protect that data completely, not matter what jurisdiction in which it is processedUnknownhttps://www.blogger.com/profile/07780696284949146615noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-42162088006369799002010-01-18T20:40:28.735+01:002010-01-18T20:40:28.735+01:00Peter,
Yes you're right that the Data Protec...Peter, <br /><br />Yes you're right that the Data Protection Directive's concept of 'adequacy' is ludicrous, and that european DP Authorities are deluding themselves if they think they can control or regulate transfers in any meaningful way. You're also right that the Art.29 WP is a non-transparent, unaccountable cabal whose 'opinions' often reveal profound legal or technical misunderstanding and a deep anti-commercial instinct. Many DP experts, and an increasing number of DPA's, recognise this. The question for privacy professionals is how do you do anything about it? How do you foster the sorts of changes you'd like - and about which there is a (slowly) growing consensus? Some DPA's will be perfectly happy to wage their self-deluding and ineffective rear-guard action against Google, the Internet, and other such wickedness, until the end of time. You've got to try to engage positively and understand the historical and cultural factors that have given european data protection the characteristics it has today. You've also got to accept the glacial movement of the EC institutions. Just criticising won't get you anywhere. In fact it will make things worse. It will also make it harder for the more pragmatic DPA's - like the ICO in the UK - to work with the industry to develop the kind of regulation that individuals and industy sorely need in the 21st century. <br /><br />Regards, Michael-the-CatAnonymousnoreply@blogger.com