Wednesday, July 19, 2006

UK Spam laws

I came across an article about strengthening the UK anti-spam laws introduced back in 2003. The Privacy and Electronic Communications Regulations was introduced to implement the Directive on Privacy and Electronic Communications 2002/58/EC. Yet, three years on, the law has been criticised for its weakness in not stopping spam being sent to businesses. From a legal standpoint, this is interesting given that the regulations were originally intended to prevent spam being sent to individuals. In its latest annual report (pdf), the UK Information Commissioner's Office took the view that the powers confered under the Privacy and Electronic Communications Regulations were insufficient to deal with the problem of spam. This is particularly the case when spam originates from countries outside the EU. Certainly, more can be done, but one will wait and see whether the government consider revising its laws.

Tuesday, July 04, 2006

ICO E-Newsletter

The UK Information Commissioner has published its first e-newsletter (April 2006). Certainly, a good idea and raises more awareness of data protection issues. Also includes a link to the report arising from the one-day conference "Data protection: the next 21 years".

Interesting Reading

I came across a recent article that described the current state of developments on data protection in Singapore. The article is entitled European Union Data Protection Directive: Adequacy of Data Protection in Singapore. My initial thoughts when reading this was that Singapore did not have any data protection laws as yet and even though there has been some discussion about whether to introduce such laws, to date, this has not yet materialised. In any case, the article is well worth reading and in some respects, I do agree that with the suggestions for introducing a framework to meet the requirements of the European Data Protection Directive. As a taster, here is the abstract:

The European Union Data Protection Directive requires member states to place restrictions on transfers of personal data to countries that cannot guarantee an adequate level of data protection. Countries that do guarantee adequate protection enjoy a smooth business environment and an enhanced ability to participate in trade. In this paper I examine the adequacy of Singapore’s data protection regime, and in particular the Model Data Protection Code. I suggest various amendments to the regime to enable Singapore to meet the Directive requirements. To carry out the assessment,I use a framework developed by the Article 29Working Party, the body that in practice carries outthe official adequacy assessments for the EU.