Home | Databases | WorldLII | Search | Feedback Privacy Laws and Business International Report

Book reviews [2000] PLBIRp 53; (2000) 56 Privacy Laws and Business International Report 16

Book Reviews

Privacy & Human Rights

EPIC, the Electronic Privacy Center and Privacy International, published, in September, a review of the state of privacy in over fifty countries around the world. Country reports include valuable information on countries rarely discussed in the privacy scene, such as Bulgaria (has a draft data protection law), Chile (adopted a data protection law in 1999), Peru (has a data protection bill) and Turkey (working on draft legislation).

Apart from the state of privacy laws, the country reports include information about telephone tapping, genetic databases and freedom of information laws. The publication, therefore, serves as a useful reference book, especially because of references to original documents.

The book, written by David Banisar, Senior Fellow, EPIC, also includes an introduction to the history of data protection laws, international developments and current threats to privacy. The latter include identity cards, biometrics, surveillance of communications, electronic commerce, video surveil-lance and surveillance at the workplace.

The survey finds that although privacy is recognised worldwide as a fundamental human right, there is a need for stricter enforcement of the current privacy laws. Surveillance authority is abused regularly even in the most democratic countries. On the other hand, in some countries the supervisory authority is not inde-pendent, but under the control of the government.

The 247-page survey, "Privacy and Human Rights", can be ordered from EPIC (the Electronic Privacy Information Centre), http://www.epic.org/bookstore, ISBN 1-893044-09-2, price $20.

The Privacy Law Sourcebook 2000

Another useful publication by EPIC - this book examines United States' privacy laws, international privacy laws and recent privacy developments. Written by Marc Rotenberg, Executive Director of EPIC, the publication is a handy sourcebook on US privacy laws. These laws have often resulted from attempts to address issues that have not been resolved by the courts, or as a response to the challenges posed by new technologies. The book comprises sixteen pieces of legislation, starting with the Fair Credit Reporting Act (1970).

The international section adds to materials that were published in the 1999 edition. In addition to the international treaties and EU directives, the book includes four new national privacy laws; Chile's Law for the Protection of Private Life 1999, UK's Regulation of Investigatory Powers Act 2000, Canada's Personal Information Protection and Electronic Documents Act 2000, and Iceland's Act on Bio Banks 2000 (authorises the collection of biological samples of human beings).

Readers should note, however, that this is not a comprehensive list of privacy laws adopted worldwide in 2000, and it makes the reader wonder why just these have been included. Also included is Italy's Data Protection Act of 1996 as an example of a data protection law that provides a good level of protection.

The third chapter examines recent developments. These include recent recommendations by the EU Data Protection Working Party (the Article 29 Group) and materials on the Safe Harbour agreement. Lastly, the book includes a list a privacy references. Particularly useful is a list of website addresses where many of the texts of national data protection laws can be found.

The Privacy Law Sourcebook 2000 is available from EPIC, http://www. epic.org/bookstore, ISBN 1-893044- 08-4. 594 pages. Price: $40.

Data Protection in the UK

This book about data protection in the UK is written by Peter Carey, who is a solicitor at Charles Russell. The author's role as a practitioner commendably shows through in the practical approach taken to the data protection legislation, which is comprehensively covered in this book.

The book covers rights of individuals, data protection principles, fair and lawful processing, sensitive personal data, data exports, manual data, notification, exemptions, enforcement, criminal offences, telecommunications, employment, the Internet and CCTV. There are appendices, which contain not only the legislation but also the statutory instruments. Those regulations are not always particularly easy to track down in practice, so it is helpful to find them in this book. There is also an appendix of useful addresses and websites. The appendices comprise about half the book, but that is not a criticism. They are helpful and there is considerable detail in the rest of the book.

The book contains some particularly useful material (a whole chapter on data exports) and is very well up to date, although it was not produced in time for the new Lawful Business Practice Regulations made under the Regulation of Investigatory Powers Act 2000 to be included.

The text is well set out and easy to follow, with clear headings and a full index. The employment and Internet sections could perhaps have been fuller, but that might reflect this reviewer's own personal practice bias, and certainly no practitioner wants to be swamped with detail. Just the right balance is struck between describing the legislation and commenting upon it.

This would be a very useful book for those involved in data protection, and could be read by both lawyers and non-lawyers alike with ease.

Data Protection in the UK by Peter Carey is published by Blackstone Press in paperback, ISBN 84174 1272, 373 pages, see http://www.blackstonepress.com. The author's e-mail address is pwcarey@hotmail.com.