Vontu

Vontu is a company based in San Francisco, delivers the industry’s only Data Loss Prevention solution to proactively monitor and stop confidential information – including customer data and intellectual property – from being sent outside the corporate network via email or the Internet.

Vontu acts as a security guard at each exit point on the corporate network. When an employee attempts to email your top client’s private account information in violation of company policy, Vontu prevents the transmission.

If you sign in you can download reports about most trusted companys and futher informatin about privacy and data protection.

Foundation for information policy research

The Foundation for Information Policy Research is an independent body that studies the interaction between information technology and society. Its goal is to identify technical developments with significant social impact, commission and undertake research into public policy alternatives, and promote public understanding and dialogue between technologists and policy-makers in the UK and Europe.

During 2002-3, the foundation plans to focus its research, policy development and lobbying in five key areas:

Trust in E-commerce and E-government
Surveillance and security
Intellectual property and the public domain
International law and the Internet
Academic freedom

These are just some of the most pressing public policy issues raised by advances in information technology. The subject matter is legally and technically complex. It affects everyone, and decisions made in the next few years will be irreversible. But Government policy making is not always informed by a full appreciation of the consequences either for business or for the individual consumer and citizen. The foundation aims to raise the quality of public debate while there is still time to do so.

Guide " Halte aux publicités " et Carte d'identité

Créée par la loi n° 78-17 du 6 janvier 1978 relative à l'informatique, aux fichiers et aux libertés, la Commission Nationale de l'informatique et des libertés CNIL á France est une autorité administrative indépendante chargée de veiller à la protection des données personnelles.

La CNIL á publiée un raport sur le spam "Halte aux publicités" ,elaboré par les services de la CNIL, ce guide vous aide à comprendre et à agir contre les publicités non sollicitées.

Aussi la CNIL analyse l' emploi de la biométrie, qui se développe dans les procédures de contrôle et d’identification des personnes tant dans les pays européens.

En France, le ministère de l’Intérieur envisage de remplacer la carte d’identité actuelle par une carte à puce intégrant empreintes digitales et photo : ces données pourraient aussi être enregistrées dans un fichier central. La CNIL sera consultée pour avis sur ce projet qui soulève des questions majeures au regard des principes de protection des données personnelles. C'est pourquoi elle a entrepris un certain nombre d'actions, et afin d'en rendre compte et de nourrir le débat de fond, a décidé d'ouvrir sur son site le dossier "biométrie et titres d'identité"

OECD

Organisation for Economic Co-operation and Development has a Directorate for Science Technology and Industry who works with Information Security and Privacy issues.

And they have a OECD Privacy Statement Generator that provides guidance on conducting an internal review of existing personal data practices and on developing a privacy policy statement. It gives links to private sector organisations with expertise in developing a privacy policy. It offers links to governmental agencies, non-governmental organisations and private bodies that give information on applicable regulations.

Top 5 privacy issues for 2005 by L. Ponemon

This paper by Larry Ponemon talks about the top 5 privacy issues for 2005.

During the past year, Ponemon Institute has surveyed thousands of individuals on a variety of issues affecting their privacy, from a universal credentialing system to Internet ads that use personal information to target prospective customers. Emerging trends from our research suggest that individuals view their right to privacy as increasingly important and worry about how organizations collect, use and share their personal information. Other concerns include cybercrime, abusive marketing and loss of civil liberties.

1. Identity Management: Balancing privacy and security
2. Phishing and Spoofing
3. Internet Advertising
4. When You Fly, Privacy Takes a Back Seat to Security
5. Consumer Trust Has a Dollar Value

European Digital Rights

European Digital Rights was founded in June 2002. Currently 17 privacy and civil rights organisations from 11 different countries in Europe have EDRI membership.

EDR covers many issues relating to privacy and digital rights, from data retention to copyright and software patents, from the transfer of passenger data to freedom of speech online and the security and privacy problems arising from e-voting.

The Public Voice

The Public Voice project was established to promote public participation in Internet policy making on issues ranging from privacy and free expression to consumer protection and Internet governance. Through international conferences, reports and funding for travel the Public Voice project seeks to increase the presence of NGOs at meetings across the globe. In cooperation with the OECD, UNESCO, and other international organizations, the Public Voice project brings civil society leaders face to face with government officials for constructive engagement about current policy issues. Public Voice events have been held in Buenos Aires, Dubai, Hong Kong, Ottawa, Paris, Washington, DC, and Hawaii.

You can see all these links on privacy issues.

There is also information about The Privacy in a New Era: Challenges, Opportunities, Partnerships that was held in Wrolclaw Poland last september.

There are available presentations.

EPIC Urges Stop to RFID-Tracking Scheme for School Children

EPIC, along with EFF and the ACLU-Northern California, urged the Brittan School Board in a joint letter to terminate an experimental program using mandatory ID badges tracking children’s movements in and around the school with RFID technology. The letter argues that the program breaches children's right to privacy and dignity as human beings by treating them like cattle or a piece of inventory, and that the RFID badges jeopardize the safety and security of students by broadcasting their identity and location information to anyone with a chip reader. For more information, see the EPIC Children and RFID Systems page.

new online consultations Working Party 29: IP and RFID

The Working Party 29 has adopted a working document on data protection issues related to intellectual property rights (Working Document 104) adopted on January 18th, 2005.

The working document recalls the application of the main data protection principles contained in the data protection Directive (Directive 95/46/EC) in the following two scenarios: First, in the deployment of on-line services using the so-called digital management of rights systems (?DRMs?). Second, in the processing of personal data to conduct investigations of users suspected of copyright infringement


Data protection issues related to RFID technology
On January 19th, the Working Party 29 adopted a Working Document on data protection issues related to RFID technology (Working document 105).

After outlining the potential use of RFID technology in various sectors, the Working Document recalls the need to comply with the basic principles set out in the EC data protection Directives (Directive 95/46/EC and Directive 2002/58EC) whenever personal data is collected using RFID technology. The paper also provides guidance to manufacturers of the technology (RFID tags, readers and applications) as well as RFID standardization bodies on their responsibility towards designing privacy compliant technology in order to enable deployers of the technology to carry out their obligations under the data protection Directive.

Berkman Center

At the Berkman Center for Internet & Society at Harvard Law School you can read this paper about DRM "Why DRM Should Be Cause for Concern" by Paul Petrick:

In response to piracy and online file trading, the music industry has begun to adopt technological measures, often referred to as digital rights management (DRM), to control the sale and distribution of music over the Internet. Previous economic analysis on the impact of DRM implementation has been overly simplistic. A careful analysis of copyright law and the microeconomic principles governing the music industry demonstrates that commentators have failed to account for factors relevant to the measure of social welfare within the music industry. This paper develops a more refined economic model that is better suited to accurately assessing how legal or technological changes like DRM will affect the music industry.

And another one: "Information Cannot Be Owned" by Jean Nicolas Druey:

Analyzing the phenomenon of information, the differences of its properties as compared with those of a physical object are illustrated and assessed as fundamental; ownership would therefore be for information a Procrustean bed leading to mere arbitrariness

Fraunhofer-SIT

The Fraunhofer-Gesellschaft undertakes applied research of direct utility to private and public enterprise and of wide benefit to society. The Fraunhofer-Gesellschaft maintains roughly 80 research units, including 57 Fraunhofer Institutes, at over 40 different locations throughout Germany. A staff of some 12,700, predominantly qualified scientists and engineers, works with an annual research budget of over one billion euros.

One of these institutes is the Institut Sichere Informations-Technologie (SIT) who provides services for all branches of industry.

SIT provides these services within the context of four new business units:

Security and Mobility

Identity and Rights Management

Secure Business Processes

Holistic Security Management and Business Continuity


For further information you can download their annual report.

Centre for Intellectual Property Policy & Management

The Centre for Intellectual Property Policy & Management(CIPPM) is a unique combination of academics, practitioners and industry colleagues committed to an interdisciplinary approach to the governance and application of innovation and creativity. The recognition of intellectual property management as an enterprise skill, and regulatory impact analysis are at the heart of the Centre’s mission.

Founded in 2000, CIPPM has rapidly achieved national and international recognition. Following start-up funding from the Leverhulme Trust, UK Patent Office and HEFCE, projects have been commissioned by the European Commission, European Patent Office, Arts Council, Social Science Research Council (New York), government departments and many commercial clients such as Delphi Automotive, Royal Sun Alliance and Gillette. See research & consultancy.
And research publications.

The Office of the Federal Privacy Commissioner Australia

The Office of the Federal Privacy Commissioner Australia is an independent Office which has responsibilities under the federal Privacy Act 1988 (Cth)
The Act provides protection for:

Personal information about you that is handled by federal and ACT government agencies;
Personal information about you held by all large private sector organisations, all private sector health service providers and some small businesses;
Credit worthiness information held by credit reporting agencies and credit providers; and
Personal tax file numbers used by individuals and organisations.

They have just published the 2004 Review of the Private Sector provisions of the Privacy Act

You can read comments by 125 Australian associations and organizations.

European Data Protection Supervisor

The European Parliament and the Council have enacted Regulation (EC) 45/2001 concerning the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data. This Regulation establishes an independent supervisory authority, called the European Data Protection Supervisor, responsible for monitoring the processing of personal data by the Community institutions and bodies. Besides, each institution has a Data Protection Officer who will cooperate with the EDPS and in particular notify him of certain sensitive data processing operations, such as those relating to health matters and evaluation of staff.

Contrôleur européen de la protection des données

Le Parlement européen et le Conseil ont adopté le règlement (CE) n° 45/2001 relatif à la protection des personnes physiques à l'égard du traitement des données à caractère personnel par les institutions et organes communautaires et à la libre circulation de ces données. Ce règlement institue une autorité de contrôle indépendante, dénommée le contrôleur européen de la protection des données (CEPD), chargée de surveiller le traitement des données à caractère personnel par les institutions et organes communautaires. En outre, chaque institution dispose d'un délégué à la protection des données qui coopère avec le CEPD et l'informe en particulier de certaines opérations de traitement de données sensibles, telles que les données relatives à la santé ou à l'évaluation du personnel.

DataProt and European law

DataProt is a european project, training for trainers in Data Protection.

This tutorial is available in spanish and english, and it's a fun way to know how it works european data protection law.

You can also download this report EUROPEAN UNION DATA PRIVACY REQUIREMENTS A U.S. PERSPECTIVE by Mayer, Brown, Rowe & Maw LLP.