European Data Privacy Law and Online BusinessOxford University Press, 2003 - 322 pages EU data protection law is of great practical relevance for any company doing business in today's global information economy. This book provides a detailed and practical exposition of European data protection law in the context of the issues that arise in electronic commerce and dataprocessing. It analyses the relevant EU legislation and case-law, and makes particular reference to the EU Data Protection Directives as well as to the national regulatory systems in Europe and the US. Numerous examples are taken from practice, and advice is given on how the relevant data protectionlaws apply to and impact upon business in Europe, the US, and worldwide. Beginning with a detailed description of the legislative process, the book goes on to discuss the basic legal concepts underlying data protection law. It then focuses on how to determine whether EU law applies to particular electronic commerce and online activities, and how to transfer personal dataoutside Europe so as to comply with EU law. The book also includes a comprehensive analysis of how to deal with complex compliance challenges, including notification of databases, processing of employee data, privacy policies, and website compliance and standardization. The key legislative texts needed to deal with complex data protection issues are included in the appendices, along with forms and precedents, contact information for data protection authorities, and links to useful websites. The book is fully up-to-date with the amendments to the TelecommunicationsData Protection Directive passed in the summer of 2002. |
Contents
Fundamental Legal Concepts 2 | 1 |
International Data Transfers 4 | 6 |
H Future Directions 1 75 | 45 |
Fundamental Legal Concepts | 49 |
Jurisdiction and Applicable Law | 85 |
International Data Transfers | 117 |
Compliance Challenges and Strategies | 165 |
Notification of Data Processing 5 17 | 174 |
Forms and Precedents | 211 |
Implementation and Text of the EU Data | 225 |
Implementation and Text of the Directive | 255 |
US Safe Harbor Principles | 279 |
Standard Contractual Clauses for the Transfer | 295 |
Glossary | 305 |
309 | |
315 | |
Internet Technology and the Employment Relationship 5 28 | 180 |
European Data Protection Authorities | 205 |
Other editions - View all
Common terms and phrases
29 Working Party adequate level adopted apply Article 29 CNIL comply consent contract cookies Council Council of Europe Court data controller Data Exporter data processing Data Protection Act Data Protection Directive data protection law data subject data to third database Directive on Privacy DPAs e-mail electronic commerce electronic communications networks electronic communications services employees enforcement ensure equipment established EU law Europe European Commission European data protection European Parliament European Union example Federal Data Protection implementation Importer Information Commissioner Internet legal persons legislation level of protection Member State law national law necessary notification obligations onward transfers particular Principles Privacy and Electronic privacy policy processing of personal processor purposes Recht regard requirements rights and freedoms rules safe harbor safe harbor principles sensitive data sonal data specific subscribers supervisory authority Telecommunications third countries third party tion transfer of personal unsolicited users whereas