Home | Databases | WorldLII | Search | Feedback Privacy Laws and Business International Report

Book reviews [1999] PLBIRp 22; (1999) 48 Privacy Laws and Business International Report 20

Book Reviews

None of Your Business - World of Data Flows, Electronic Commerce, and the European Privacy Directive

This book, written by two American academics, Peter P. Swire and Robert E.Litan, examines the EU Data Protection Directive and its implications for organisations in the United States. The authors evaluate the directive's requirement of adequate protection for transfers of data to third countries, and its effect on various business sectors. They point out the aspects of the directive which, in their view, will pose a challenge for US companies transferring personal data in the fields of financial services, direct marketing, airline reservations systems and Internet service providers.

While the authors have some unconventional views about European data protection laws, the merit of the book is its timeliness. Organisations can learn what policy measures may be taken by the European Union and the United States. Included is an evaluation of the work and recommendations made by the EU Data Protection Working Party ("the Article 29 group").

The authors also make some policy recommendations, which include the adoption of model contracts and other self-regulatory measures, rather than an omnibus privacy law. In addition, they propose the establishment of a privacy office in the United States, which could become the permanent point of contact for other countries' privacy authorities. The authors suggest that such an office could be established within the Department of Commerce (an office has now been set up in the White House, see p.2).

The authors also point out that the EU Directive can be interpreted in numerous different ways. Other issues include the applicability of the directive to intranets, extranets, e-mails, and laptops, as well as non- European websites. The book also analyses the effects of data protection laws on electronic commerce, and the directive's effect on free trade.

The title of the book, None of your business, can be interpreted in many ways, but it certainly describes the attitude of some American players, who think that the European Union should have no say in how the Americans conduct their business and protect privacy. The authors recommend that the European Data Protection Authorities approve selfregulatory measures, even if they do not cover every possible aspect of European data protection laws.

Peter P. Swire is a Professor of Law at the Ohio State University. Robert E. Litan is the Director of Economic Studies programme and holder of the Cabot Family Chair at the Brookings Institution, Washington DC. Title: None of Your Business - World of Data Flows, Electronic Commerce and the European Privacy Directive, 1998, 260 pages. Publisher: The Brookings Institution, 1775 Massachusetts Avenue, N.W, Washington, DC 20036, United States, Tel: + 1 800 275 1447, e-mail: BIBOOKS@brook.edu. Price: hardcover $39.95, paperback $16.95.ISBN0-8157-8240-3

The first three years of the Data Protection and Freedom of Information Commissioner (Hungary)

The Office of the Hungarian Commissioner for Data Protection and Freedom of Information has produced an account of the first three years of the office. While the Hungarian law on the Protection of Personal Data and Disclosure of Data of Public Interest was adopted in 1992 (PL&B Feb '98, p. 9), the Commissioner, Dr Laszlo Majtenyi was not appointed until three years later. The book includes detailed information about the office's work. Types of cases for years 1995-1996 are described, as well as general trends and investigations during 1997. One chapter discusses the Hungarian data law in the European context.

Contact details for ordering the book: Adatvédelmi Biztos Irodája, 1054 Budapest, Tyköry u.3, Hungary. Tel: +36 1 269 3500, Fax: +36 1 269 3541. A summary can be found at http://www.obh.hu

Swiss legal persons

Switzerland is one of the relatively few countries to apply its data protection law to legal persons in a similar way that it does to natural persons. The book, Schweizerisches Privat-recht, covers various aspects of Swiss law for legal persons, for example their obligations under company law and different forms of legal persons. The book also includes a short, one page introduction to legal persons' data protection responsibilities.

Title: Schweizerisches Privatrecht, 1998 (in German). Author: Professor Dr Rolf H. Weber. Publisher: Helbing und Lichtenhahn Verlag AG, Basel, Switzerland. ISBN 3- 7190-1774-5. A French version of the book, entitled Traité de droit privé suisse, is available from Editions Universitaires Fribourg Suisse.

A Human Rights Commission: The Options for Britain and Northern Ireland

The book evaluates the need for a Human Right Commission in the United Kingdom as a result of the new Human Rights Act. The authors, Ian Brynoe, Solicitor, and Sarah Spencer, Director of the Human Rights Programme at the Institute for Public Policy Research, examine the aims and possible structure of a future Commission, and the implications for existing public bodies in this field, such as the Commission for Racial Equality and the Equal Opportunities Commission.

The authors suggest that the UK forms an umbrella body to deal with all human rights issues. The body, which would serve as a "one-stopshop" for individuals, would be made up of individual Commissioners. The Commissioners would work alongside their counterparts at bodies such as the Office of the Data Protection Registrar, which would retain its current statutory responsibilities. The Registrar (Privacy Commissioner) would be appointed an ex-officio Commissioner of the Human Rights Commission. This would require the Data Protection Act 1998 to be amended.

The authors also propose that the Human Rights Commission should have the necessary powers to carry out investigations into alleged human rights abuses. The Commission that will be established in Northern Ireland will lack this power.

The book is an interesting read for those involved in human rights issues and their implementation in the UK. Clearly presented, it is easy to follow, and it provides readers with a good overview of the debate in this field.

This IPPR (Institute of Public Policy Research) publication is available from Central Books, 99 Wallis Rd, London E9 5LN, Tel: +44 (0)181 986 5488, Fax: +44 (0)181 533 5821, E-mail:ippr@centralbooks.com. Price: £8.25 including postage.

Other publications

Supplement to Data Privacy Law

The authors of Data Privacy Law: A Study of United States Data Protection, Professors Paul M. Schwartz and Joel J. Reidenberg, have now issued a 1998 supplement (for a review of the book which was published in 1996, see PL&B Dec '97, pp.18-19).

Publisher: LEXIS Law Publishing. ISBN 0-327-00845-8.

Hong Kong Annual Report

The office of the Hong Kong Privacy Commissioner has published its second Annual Report, which covers 1997-98. The eye-catching report, which is written in Chinese and English, provides detailed information about the office's work.

The office received, in its first full year of operation, an increasing number of enquiries and complaints. The staff, which currently consists of 31 people, handles 50 enquiries a day. Approximately 5 complaints were received each week, amounting to 253 a year. By far the biggest areas for complaints were estate agents and the finance sector. During the reporting period, the Commissioner issued three enforcement notices.

In December 1997, a code of practice on the Identity Number and other Personal Information was issued. Another code was issued in February 1998 on Consumer Credit Data. Other guidance materials published include fact sheets on transborder data flows, human resources and cold-calling.

The Commissioner carried out 74 compliance checks during 1997-98. In seven cases, the Commissioner decided to use his formal powers of investigation, and ordered changes to the organisations' compliance practices.

In 1997, the office also carried out a large-scale publicity campaign, which included television and radio advertising, use of posters, and roadshows in shopping centres. The following year, the Commissioner conducted a survey to evaluate awareness of individuals and organisations on privacy issues. Only a few respondents thought that they had not been made aware of privacy. The number of people who were aware that they could have their complaints investigated by the Privacy Commissioner amounted to 34% of the respondents.

The report is available from the Office of the Privacy Commissioner, Unit 2001, 20th Floor, Office Tower, Convention Plaza, 1 Harbour Rd, Wanchai, Hong Kong, Tel: +852 2827 2827, Fax: +852 2877 7026. Price HK$120.