Accredibase
Checking Facts Building Trust

Verifile

About Us...



Memberships and Registrations



Data sources



Who we are



Quality Policy



Link to us



News



International Newsletters



Follow us on Twitter

Find us on LinkedIn

Investors In People

ISO Accrediation



Verifile International Newsletter Issue #1

12 Aug 2013

Welcome to our very first international newsletter. Our goal is to provide you with the major legislative changes and significant issues from around the world which impact employers in relation to employment screening.

We hope that this will be the start of a new and exciting way to keep you up to date with such developments. Certainly over the years we have heard many of you asking for such information and we are pleased to be able to gather this for you in a concise newsletter.

 

We look forward to hearing your feedback on this special initiative as we wish to make it more relevant to you as we progress with future editions. Our intentions are to publish this newsletter at least once a quarter and possibly every other month.

 

 

 

 

World wide news

 

Increased Cooperation Between EU and APEC on Cross-Border Data Transfer Rules

 

A joint EU-APEC committee, which includes the French and German data protection authorities as well as the European Data Protection Supervisor and the European Commission, has been studying similarities and differences between the EU's binding corporate rules (BCRs) framework and APEC Cross-Border Privacy Rules. The committee's goal is to facilitate data protection compliance in this area for international businesses operating in the EU and the APEC region, including by creating a common frame of reference for both sets of cross-border data transfer rules.
Read more

 

 

Global Employee Mobility Assignments Expected to Increase in 2013

 

More than 70% of employers expect to increase short-term overseas assignments in 2013, according to a report on expatriate policies and practices by consultancy firm Mercer. The report found 55% of employers expect to increase long-term overseas assignments and highlighted for the last two years there has been an increase in the overall number of international assignments. It found China, United States, Brazil, UK and Australia are the priority destinations in their respective regions for expatriates.

 

The report also showed more than half of employers reported an increase of long-term (52%) and short-term assignments (53%) in 2011 and 2012. The top five reasons cited for international assignment programmes are: to provide specific technical skills not available locally (47%), to provide career management/leadership development (43%), to ensure knowledge transfer (41%), to fulfill specific project needs (39%) and to provide specific managerial skills not available locally (38%). Anne Rossier-Renaud, principal in Mercer's global mobility business said, "Mobility and HR directors now face great complexity in the number and type of international assignments that need managing." 
Read more

 

 

Corporate Lettings Market Rises With Senior Talent Demand 

 

Activity in Asia led the way as businesses increased their spending on relocating and hiring senior staff around the world in 2012, according to estate agency Knight Frank's ' Global Corporate Lettings Review 2013 .' The report, available online, notes that 60% of respondents to the survey noted a rise in corporate relocation budgets for senior executives last year.

 

Overall, the flow of talent is still from West to East, with three of the major business centres seeing greatest increases in prime rental growth across 2012 found in Asia (Beijing, Dubai and Shanghai), with the Kenyan capital of Nairobi topping the list with 17.9% growth for the second year running. Zurich completes the top five.

 

Global Firms Report Rise in Bribery and Corruption Risks

 

A report by risk management provider, Kroll, has revealed that 43% of global businesses said their bribery and corruption risks have increased in the past two years.The '2013 Anti-Bribery and Corruption Benchmarking Report' found that only 8% of companies said their risks have fallen in the past two years, and that half of the businesses questioned expect their bribery and corruption risks to increase over the next year.It was revealed that 80% cited expansion into new markets as the most common reason for the expected rise, while 60% stated more rigorous enforcement of anti-bribery laws and 56% said the creation of anti-bribery laws in new jurisdictions was the main reason.Despite these risks, the report revealed that 18% said that they either have an anti-corruption policy but don't require employees to read it, or don't have one at all.

Furthermore, 43% of firms surveyed said they only conduct a bribery and corruption risk assessment less than once a year, while 17% have never conducted a risk assessment.  

 

"Given the proliferation of bribery and corruption risks, due diligence on customers, new acquisitions, and business partners is an absolute necessity," said Melvin Glapion, Managing Director at Kroll Advisory Solutions.

Read more

 

 
What's More Important to an Organization: Reputation or Money?

By: Aniqa Bukhari

"Honest is the best policy." There is no doubt this old saying should be followed by anyone applying for a new job. Unfortunately, there are cases in which applicants are less than truthful during the hiring process, and the boss discovers discretionary information through some other resource. Such deception is occupational fraud, and represents a valid reason for denying employment.

But what if it is an employee already on your payroll- and doesn't have the qualifications for which he was hired? To stop and think about this possibility- unqualified employees working in sensitive positions at your organization - can be alarming indeed.

To look at it another way, which is scarier: imagine that you are waiting for takeoff in an airplane operated by fake pilots with forged licenses? Either of these realities would be frightening, and unfortunately, this is not just an abstract question. Unqualified employees with forced qualifications have penetrated even the highly prestigious aviation industry. A recent, shocking case that highlights this type of fraud involved a worldwide airlines, a National Flag Carrier in Southeast Asia, that dismissed four pilots who logged thousands of air travel hours for owning forged degrees. According to the news reports, one of the dismissed pilots of that State run Airline had flown over 25 years, and two of them had piloted special aircraft utilized by renowned individuals throughout the regime of Country's former military ruler.

Read more



Africa Middle East
Morocco

 

-DATA PROTECTION AND PRIVACY-

Convention 108 Accession to Strengthen DPA's Powers


Morocco has adopted a bill approving the Council of Europe's (CoE) Convention 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data. Once ratified, Morocco will become the second non-member country of the Council of Europe to accede to Convention 108, following Uruguay. "The Moroccan Data Protection Authority hopes that ratification will lead to amendments to the Moroccan [data protection] law," said Floriane Leclerc, representative for the Association of Francophone Data Protection Authorities (AFAPDP). "It needs to be modified to reinforce the authority's ability to enforce the law, [and] its financial and functional independence" Morocco was first invited to accede to Convention 108 on 30 January 2013. Convention 108 is the first legally binding instrument governing data protection, adopted by the CoE in 1981, establishing minimum data protection standards. The CoE is in the process of discussing proposals to modernise the Convention in light of the upcoming changes proposed by the draft EU Data Protection Regulation. Morocco's accession will bring the total number of countries party to the Convention to 47.


South Africa

-DATA PROTECTION AND PRIVACY-  

The Protection of Personal Information Bill: Implications for Employers

The purpose of POPI is to give effect to the Constitutional right to privacy, by introducing measures to ensure the personal information of "data subjects" (including employees) is

safeguarded when it is processed by "responsible parties" (such as employers). POPI provides conditions for the lawful processing of personal information. It sets out eight core information protection principles and conditions, including accountability, purpose specification, information quality, openness, security safeguards and data subject participation. Employers will have to comply with these principles whenever personal information of employees is collected, stored or used. Certain types of information such as ethnicity and trade union membership are considered 'special personal information'. The processing of such information is prohibited unless it falls within a statutory exception.

Read more


Asia Pacific

 

 

 

 

 

Southeast Asia Responds to Worker Demands with Labor Reforms   

 

The founding members of the Association of Southeast Asian Nations, or ASEAN (Indonesia, Malaysia, the Philippines, Singapore and Thailand), have all experienced remarkable economic growth since the organization was founded in 1967. Singapore alone went from a GDP of $1.3 billion to $239.7 billion in 2011. And while the other original ASEAN countries may not be as prosperous as Singapore, they are enjoying growth rates unheard of in the rest of the world. Malaysia's GDP grew 5.6% in 2012, and Indonesia's grew 6.4%, compared with the United States' 2.2%. However, wages in Southeast Asia (except Singapore) are among the lowest globally. Low wages are leading to increased union mobilization across Southeast Asia, and strikes are increasingly common. Some politicians have responded by establishing higher minimum wages and better worker protections. But what can an American or European HR manager expect when looking to hire in these countries? A lack of skilled labor is the first pitfall. As a result, local workers with the right combination of education and skills are highly sought after, and the competition for them is fierce.

 Read more


Australia

 

-OCCUPATIONAL FRAUD-

Protect Your Company From Internal Damage

 

A recent case has highlighted the need for companies to put strategies in place to protect their businesses from internal fraud. A former company director pleaded guilty to 14 counts of fraud in the Brisbane District Court after being prosecuted by the Australian Securities and Investments Commission. Reports have shown that employees facing difficult financial times can come under increased pressure to commit fraud. Everybody in an organization can help to reduce fraud - but having a risk management strategy in place can be especially helpful. To reduce the risk, companies can: put policies in place which define fraud; put policies in place to detect fraud;

regularly review fraud-related policies; and insure against losses resulting from fraud. Employees are especially well-placed to detect fraud, and should feel empowered to do so. It is especially important that they feel they can report any suspicions they have without fear of retribution.

Read more

 

-CRIMINAL RECORDS-

Pre-employment Criminal Records Checks - Reasons for Employers to Tread Carefully

 

A recent finding by the Australian Human Rights Commission (AHRC) that an employer discriminated against a job applicant by failing to offer him employment as a market analyst because of previous drink-driving convictions, highlights the need for caution when carrying out pre-employment criminal record checks on prospective employees. Australia-wide Federal legislation recognises that discrimination occurs where a prospective employee has been denied employment on the ground of their criminal conviction if the nature of the conviction does not affect the candidate's job requirements. However, the legislation does not go as far as making that discrimination unlawful and although the AHRC can investigate alleged acts of criminal record discrimination, it does not have the power to award compensation or to 'punish' the offending employer. Employers should consider making offers of employment contingent upon a criminal records check satisfactory to the employer. Employers should also avoid a 'zero tolerance' approach to criminal records in the recruitment process.    

Read more

 

The Importance of 'No Conviction Recorded' for Work Health and Safety Prosecutions in Queensland

In prosecutions under the Queensland Work Health and Safety (WHS) laws, the Industrial Magistrate hearing the matter has the discretion to not record a conviction. Often, the object of securing a non-recorded conviction is to protect the Defendant's brand. Importantly, a non-recorded conviction does not need to be disclosed in certain situations (for example in tenders, or in foreign visa applications). Until now the Queensland WHS regulator has published the identity of parties who are convicted, whether a conviction is recorded or not.  

 

Recently the Supreme Court in Queensland found that the regulator's publication of a party's details on its website where no conviction was recorded, was unlawful. The court's discretion whether to record convictions when passing sentence will now be considered in greater detail during WHS prosecutions.

 

Parties whose identifying details appear on the Queensland Workplace Health and Safety Prosecution List webpage can require the regulator to remove their details where no conviction was recorded. That would avoid Google type searches identifying them in relation to the conviction.

Read more


China

 

-DATA PROTECTION AND PRIVACY-

China's Evolving Personal Data Privacy Landscape    

 

The first ever national standard on personal data privacy protection has come into force in China. The guidelines, called the Information Security Technology - Guide for Personal Information Protection within Public and Commercial Information Systems (Guidelines), were originally proposed by the nation's telecoms regulator, the Ministry of Industry and Information Technology in 2011 and subsequently released by the Standardization Administration of China. The Guidelines provide guidance on protecting personal information handled in information systems and applies generally to the private sector. While the Guidelines do not have the force of law, the introduction of a general national standard on personal data privacy protection marks a significant move for China. The China Software Evaluation and Test Centre have announced it is forming a self-regulatory group to play a consultative role in future legislation in the personal data privacy arena. Organizations should take active measures now to prepare their data collection, handling and processing/use practices for compliance with the best practice Guidelines.  
Read more
     

 


-CRIMINAL RECORDS-
  

China's Rule Sealing Juvenile Records May be Revised

China's top prosecuting authority said it is looking into revising a regulation that limits access to juvenile criminal records, a move that many attorneys have called for. According to Han Yaoyuan, director of legal policy research for the Supreme People's Procuratorate, the authority is aware of the difficulties in enforcing the rules and is collecting suggestions. If it happens, legal experts say it could pave the way to changing a similar article in the Criminal Procedure Law that has caused confusion due to nonspecific language. The debate focuses on rules about sealing the criminal records of minors, which came into effect with the revised Criminal Procedure Law on Jan 1. Many prosecutors have complained that they were confused about how to carry it out. Under the original law, the criminal records of people under 18 can be sealed if the sentence is less than five years. The article aims to better protect juveniles' rights, but it does not clearly define the legal organs or related departments that can access the files, said Zheng Ruizhi, a prosecutor in Beijing's Dongcheng district. 

 

 

Foreigners In China With Criminal Records

 
More efficient measures should be taken to ensure that foreigners with criminal records are banned from working in China, senior officials with the department that oversees attracting and managing international professionals said. The officials' remarks came after a British man who is wanted for allegedly raping a child in the United Kingdom and had been a teacher at an international school in Beijing was detained in the Chinese capital. "Such cases are not common. The overwhelming majority of foreign teachers in China are outstanding," Xia Bing, director of the Department of Cultural and Educational Experts under the State Administration of Foreign Experts Affairs, said at a forum. Xia has urged schools that employ foreign teachers to remain vigilant. Chen Huabei, director of the Information Research Center of International Talent under the administration urged bureaus of foreign experts affairs to strengthen management of foreigners as well as to provide more care and better services for them. A foreigner who is permitted to work as a teacher in China should acquire a foreign expert certificate granted by a local bureau of foreign experts affairs.
 

Read more


India

 

Corruption, Disasters Key Risks for Indian Companies - Survey

Strikes, political instability, cyber security and corruption have emerged as the biggest risks facing India's booming business sector, but terrorism, natural disasters and crimes against women are also perceived as key threats, a new survey says. The India Risk Survey 2013, conducted by leading corporate risk management firm Pinkerton, has found that while India is seen as one of the world's most promising economies, it also faces some of the most dynamic risks. The survey found strikes and civil unrest to be the number one risk facing industry, followed by threats from political and governance instability, cyber security and corruption, and bribery and corporate frauds respectively. Respondents said natural disasters, terrorism and insurgency, workplace violence and sexual harassment were prominent, but less significant risks. "The survey is an attempt to sensitise the government and the corporate world about emerging risks and the danger they pose, so that well-planned strategic policy decisions could be formulated and implemented," said Federation of Indian Chambers of Commerce and Industry Secretary General Singh.
Read more

 

 -EMPLOYMENT OUTLOOK-

 

New Delhi Job Market Strong but South and West Sluggish

New Delhi and the National Capital Region (NCR) produced the best employment results, between April and June 2013, with 27% of the job market share, according to the Associated Chambers of Commerce and Industry of India. New Delhi-NCR generated over 34,000 jobs in Q1 2013, a year-on-year increase of approximately +16%. IT, Information Technology-enabled Services (ITeS), and hardware sectors created 47% of the jobs in New Delhi-NCR. Academic appointments accounted for the second most successful sector with 14% of the market share, followed by banking, insurance and financial services with over 6%. Kolkata was another high performing region with the second highest job creation numbers. New jobs totaled 6,500, a year-on-year increase of 1,000 jobs. IT, ITeS, and hardware sectors again created the most jobs with a 38% market share in the region. Bangalore recorded a +7% increase in new jobs number during the same period. New job figures in Chennai dropped by -21% year-on-year, with 2,200 fewer jobs created. Mumbai experienced the biggest decline in number of jobs created, falling -28% compared with last year.
Read more


Malaysia

 

-DATA PROTECTION AND PRIVACY-

Expect More Spam: No Data Privacy for Malaysians Yet Despite 2010 Law

No date has been set for the enforcement of the Personal Data Protection Act 2010. "It will be enforced as soon as possible," said Communication and Multimedia Minister Datuk Seri Ahmad Shabery Cheek, though he declined to be more specific as to whether it will be in force by the end of the year. Malaysian Communications and Multimedia Commission (MCMC) Chairman Datuk Mohamed Sharil Mohamed Tarmizi noted that as data crosses all industries, "there will be a lot of consultation, which we would have to go through those first, as the regulator in each sector has its own data protection requirement." The act plays a crucial role to safeguard the interest of individuals and make it illegal for corporate entities or individuals to sell personal information or allow third party the use of data. Singapore has a similar Act that came into force in 2013. On the issue of the possibility of regulating local online portals as done in Singapore, Ahmad Shabery said that MCMC is studying the issue. "There is a limit, even for countries that propagate freedom of expression," said Ahmad Shabery.
Read more


-EMPLOYMENT OUTLOOK-


Malaysia Boleh!


Prime Minister Datuk Seri Najib Razak has alluded to the spirit of "Malaysia Boleh" or "Malaysia Can", when describing the country's progressive economic strategies. Malaysia continues to be a growing knowledge and service-based economy but challenges including a lack of workforce planning and insufficient investment in staff training and development could present barriers to progress in 2013, recruitment consultancy Hays has found.Also, the HR function in many organisations in Malaysia is still viewed as an administrative one. That perceived lack of credibility leaves fewer people wanting to go into the profession. Corporations in Malaysia constantly need quality talent to drive the country's national economic transformation programme (ETP). But finding that talent can be difficult. In this respect, the formation of TalentCorp Malaysia is testament to the close partnership between industry and government. The body's mandate includes providing incentives to bring skilled Malaysians back from overseas, and also building other channels to create a smooth supply of deployable talent in specific vocational areas.

"We are, however, moving in the right direction and glad to see that HR is increasingly being viewed as a value-add and strategic complement to the business in mainly multinational companies," says Kristoffer Paludan, Manager, Michael Page.
Read more


New Zealand

 

-DATA PROTECTION AND PRIVACY-

MP's Bill Step in the Right Direction


MP Sue Moroney has proposed a Privacy Amendment Bill, which would enact many of the Law Commission's recommendations by strengthening the powers of the Privacy Commissioner by empowering her office to issue compliance notices and conduct privacy audits of public and private sector agencies where this is warranted. The current complaints-driven process has been criticised as it fails to address systemic privacy breaches not exposed by individual complaints while other breaches escape detection and investigation altogether. The risks to individuals of inappropriate use and disclosure of their personal information and of identity theft are compounded as a consequence. The Law Commission's report also addresses several current mischiefs, such as cyber-bullying and application of the news media exemption from the Privacy Act to blogs. Especially pertinent is abuse, by individuals, of the so-called "personal use" exemption, which has allowed the posting online of much objectionable material about individuals. These matters are in urgent need of attention.
Read more


-OCCUPATIONAL FRAUD-  

Shoplifters Cost $1b as Staff Theft Soars

The Retailers Association of New Zealand reports that retailers lose as much as $1 billion annually to shoplifting by customers and employees.Association members say the continued economic upheaval is likely contributing to these record losses.And yet, according to Retail Crime Prevention Group spokesman Barry Hellberg, a great deal of retail theft goes unreported or unnoticed.Security consultants agree, also pointing out that almost half of the thefts are carried out by staff.Stores most often targeted include gas stations, certain department stores, and supermarkets.Common items depend on the business, but they include meat, cheese, beauty products, and power tools.Businesses have tried to combat these thefts with security cameras and electronic monitors, but experts say that these tools are ineffective unless people are actively monitoring them.
Read more


 

-CRIMINAL RECORDS-   

Jade's Killing Spurs Rethink

 

Justice Minister Judith Collins' plans to change trans-Tasman information sharing could mean a public register of serious criminals deported from Australia. The murder of Christchurch teenager Jade Bayliss has really focused everyone's minds on ensuring the new law becomes a reality. The change would allow Australian authorities to hand over border-control information to New Zealand police--including criminal convictions. At present, New Zealand police are told only that an offender is being deported from Australia, but they are not told of his/her criminal convictions. If they want that information, they have to request it through Interpol. Unless there is a serious threat to life,  

 

police cannot pass on an offender's history, even if a member of the public asks for it. Collins' plan would also have officials deciding whether the public should have access to criminal records by request or with an open register for serious offenders. Discussions about the potentially life-saving new legislation have already been held between officials in Australia and New Zealand and it will be presented to cabinet in the near future. However, Collins warned that it could take a long time to get through Parliament.

 


Singapore    

 

-DATA PROTECTION AND PRIVACY-

Privacy Matters


An increasing number of employers have begun demanding private login information to applicants' social media accounts. In the U.S., such practices may be a breach of privacy, however; there is no law in Singapore that guarantees employee privacy. Although this may change in the future, employers now are legally free to monitor their employees through any means - including tracking Internet history, e-mails, chat sessions and file downloads. Some companies even use GPS tracking on company devices to check on employee location. As a result of this lack of legislation, nothing is sacred when it comes to employee privacy - not even employees' social network accounts. Employers may not need to worry about legal ramifications, but employee privacy is still a minefield that should be approached with caution. With the boundary between an employee's personal and professional line is getting increasingly unclear, it is important that HR professionals do draw a line and stick to it. The best way to do this is to institute a social media policy and provide training and resources for employees to turn to.

 

Read more  

 

 

Countdown Clock Begins for Singapore Data Compliance

The official "in-force" date for Singapore's Personal Data Protection Act has been set for July 2, 2014, and organizations shouldn't underestimate the time and effort needed to ensure compliance. The is the day when the Act will come into effect and when organizations will need to complete data inventory mapping, process audits, staff training, and publication of various processes. Small and midsize businesses (SMBs) will be glad to note that several tools and trainings have been introduced by the PDPC (Personal Data Protection Commission) to aid the process, while larger organisations have slightly more than 13 months to finish their data compliance projects. Most projects should take around 9 months. Another point to note is that the more competent consultants in the industry will likely be snapped up so organizations should act quickly to secure such resources if they should require them. The government has also announced it would enhance information-sharing with other countries to prevent cross-border tax evasion, coming on the back of the ICIJ's "wikileaks" sized expose of the use of shell companies.
Read more

 

 

-EMPLOYMENT OUTLOOK-

Singapore is Fourth Most Attractive Location to Work


Singapore emerged as the fourth most attractive location in the world for professionals to relocate to, beating Asian rival Hong Kong which came in eighth. The top three most popular destinations were USA, UK and Australia. The report by Hydrogen titled: Global Professionals on the Move 2013, revealed that Singapore has also come in second for finance, and third for technology. The country has solidified its position as a major hub for oil and gas, energy, and commodities and banking, continuing to attract workers from abroad. With its highly developed industries and excellent quality of life, Singapore is known worldwide as a great location for expats to move to.The rising value of Asian professionals with international experience is a new feature of the global market in professional skills. Some 66% of global professionals who responded said their employers rated international experience as important or very important. An overwhelming 98% of respondents who had relocated, recommended the experience, and 86% said they wanted to stay longer.

Read more  

 

 

 

Europe   

 

 

-LEGAL ISSUES-

Firms Should 'Hit the Ground Running' for BCRs Under New EU Law
 

 

Companies should start the process for Binding Corporate Rules (BCRs) now so they will be ready for the new EU data protection regime, stated Eduardo Ustaran, Partner at Field Fisher Waterhouse LLP. ''BCRs should be the next big project for companies," said Ustaran. "The real success of BCRs is that they can be tailored to the way a company operates. BCRs are not just for multinationals; smaller companies can also benefit.'' In particular, the proposed EU Data Protection Regulation - put forward by the Commission in 2012 - recommends companies of all sizes adopt BCRs as a means of legitimizing intra-group transfers out of Europe, and states that they should be binding not only within companies but also with respect to third parties. Amendments submitted in January 2013 by EU Parliamentary Rapporteur Jan-Philipp Albrecht could add further obligations including data minimisation, limited retention periods and privacy by design. On the international front, the Asia Pacific Economic Cooperation (APEC) is currently examining ways to harmonise its Cross Border Privacy Rules to that of BCRs.
Read more

 

 

-DATA PROTECTION AND PRIVACY-

EU Postpones Crucial Vote on European-wide Data Regulation Law
 

 

The EU has delayed the vote on a controversial reform of data protection laws, which seek to implement a single law across all 27 member states. Industry bodies are running a lobbying campaign against the proposals, which they claim will have a "chilling" effect on UK business and prevent the UK from being the home of the next Twitter or Facebook. Organisations including the Internet Advertising Bureau, Interactive Media in Retail Group and Coalition for a Digital Economy signed an open letter to ministers, warning them that the European Commission's proposals to clamp down on data violations would hamper growth of the digital industry in the UK. It is understood the crucial vote was delayed in order to concentrate on the fallout from the Cyprus banking crisis. The EU argues that a single data protection law across all its member states would save businesses €2.3bn a year by removing "fragmentation and costly administrative burdens" and will boost growth and jobs by reinforcing "consumer confidence in online services". John Pooley, managing director at specialist agency The Data Partnership, said, "It seems the EU data regulators need to review their objectives and encourage data responsibility, rather than set out restrictive and widespread 'data gatekeeping'."
Read more 

 

 

Privacy a Central Issue in New Schengen Database

The European Information System called SIS (Schengen Information System) II is launching after substantial delays. The new database is intended to allow security officials faster and easier ways to exchange information, but privacy concerns abound. The main goal of the Schengen Agreement is to have a space of free movement without controls on the internal borders. All EU member states belong to the Schengen area with the exception of Great Britain, Ireland, Cyprus, Romania, and Bulgaria. In light of security concerns, the member states established the SIS in 1995 as a joint database to be used in manhunts. This system has now been reformed and enables European customs and border officials as well as police and prosecutors to search not just for missing people or criminal offenders, but also for cars and weapons. National and European privacy authorities are intended to help determine whether the SIS II conforms to their countries' standards. Some have reservations about the lack of uniform privacy standards in the EU. Federal Commissioner for Data Protection and Freedom of Information, Peter Schaar, believes that such a concentration of power is not in accordance with data protection standards.

He also says a situation is developing in which information about not just suspected criminals or criminal deeds is being collected, but simply everyday behavior.

Read more

 

 

WP29 Clarifies DPAs' Expectations of BSPRs 

 

The Article 29 Working Party (WP29) has adopted an Explanatory Document on the Processor Binding Corporate Rules (WP204), which clarifies the principles and elements of Processor Binding Corporate Rules or Binding Safe Processor Rules (BSPRs) as laid out in its Working Document 02/2012 (WP195). BSPRs are internal, legally binding, codes of conduct regarding privacy and security, aimed at guaranteeing clients of data processors that data transfers are adequately framed and protected. WP29 stated that data protection principles stemming from the Data Protection Directive (95/46/EC) must be incorporated within the BSPRs. They must also provide sufficient level of detail to allow DPAs to assess whether adequate safeguards are provided in relation to data processing and sub-processors. All BSPRs must contain: provisions guaranteeing a good level of compliance, audits, complaint handling, the duty of cooperation with the data controller and DPAs, liability, rules on jurisdiction, and transparency.
Read more

 

 

Binding Corporate Rules Webinar: Top 5 takeaways

Binding Corporate Rules (BCRs) are fast becoming the preferred method for intra-group worldwide transfers, due to their flexibility and the endorsement they have received from EU bodies and data regulators. Organised by DataGuidance in association with TRUSTe, the BCR Webinar 2013 explored the developing landscape of BCRs with leading experts in the field. DataGuidance compiled the top 5 tips for any company considering BCRs. 

Read more 

 

 

New EU Data Protection Law: Time to Start Preparing

If you use or collect personal data, you should be aware of three points - the new EU law is coming, it will affect your business and it could well involve significant costs. At present, UK data protection obligations are primarily governed by the Data Protection Act 1998 (DPA), which implements an EU Directive. The European Commission's proposals for reform are the subject of fierce debate and may still change. However, if they come into force as they stand, the implications are likely to include: Even more problems with consent; Significantly more red tape; New requirements for portability and deletion of data; Data processors will have to comply; and, Significantly higher fines. The proposal needs to be approved by both the European Parliament and EU Member States. It had been hoped that agreement could be reached by June of this year, but that now seems unlikely. However, there will be pressure to adopt the proposal by 2014, when the European Parliament and the European Commission are due for re-appointment. Make sure that budgets and planned financial forecasts for 2014-2016 include provision for compliance with the new law (including the appointment of "data protection officers").
Read more

 

 

  France

 

-DATA PROTECTION AND PRIVACY-


French Tax Proposal Zeroes in on Web Giants' Data Harvest  

 

The New York Times reports on the proposal to tax data collection with the goal of promoting sound practices for gathering and protecting information. French auditor Nicolas Colin, introduced the idea based on European countries' frustrations with their inability to collect tax revenue from Internet companies generating significant income each year, especially as budget deficits loom. "Every government needs revenues," Colin said, adding the individual taxpayer and small companies carry the burden if large corporations do not. Google and Facebook know that John Doe "likes" wine, is shopping for a Volkswagen and often e-mails Jane Doe. The new idea would require the companies to pay for gathering that information. While business plans built on mining consumers' personal information from the Internet are proliferating, so are concerns about the use of the data. Colin's tax plan would reward companies for providing their customers with useful information, while penalizing those that did not do so. Although the government commissioned the report, it is not an official policy document, and the finance ministry has yet to take a position on the idea.
Read more

 

 

CNIL Sets Forth Guidelines for Workplace Privacy Protection

 

The French CNIL has adopted and published a new set of guidelines that set forth "best practices" about privacy protection at work. According to the Guidelines, employers can monitor an employee's Internet use such as web-surfing and electronic mail. They can keep track of the list of websites visited and of the amount of time an employee spends online. However, they cannot use "keyloggers" to track all activities on a computer. Any monitoring must be declared by employers to the CNIL. Employers must inform their employees about the procedure in place, its aim and duration. Employers cannot access any email marked as "private" or "personal," except during a trial, and based on a court order. Additionally, employers cannot receive a copy of every email sent by employees. The first principle set forth by the Guidelines is that employers cannot use the result of illegal monitoring during a performance evaluation or against an employee under disciplinary procedure. The CNIL recommends that employers set up policies in their companies to notify their employees of every rule, or monitoring procedure in place.
Read more  

 

 

French CNIL Annual Report Shows Increased Complaints, Audits, Sanctions

 

The French data protection authority, the CNIL (Commission Nationale de l'Informatique et des Libertés), has published its annual report for 2012, emphasizing a significant increase in complaints, audits, and sanctions. The CNIL says it processed the largest amount of complaints in its history in 2012-over 6,000. Those complaints were received principally from private individuals regarding their right to access, rectify, or oppose data processing. In addition, CNIL audits increased by almost 20% since 2011. The audits were triggered as a result of the CNIL's annual programme of audits (approximately 40%), in reaction to public events (approximately 25%), or to complaints (23%). While the number of financial sanctions was relatively stable (4 versus 5 in 2011), the total amount of financial sanctions decreased. However, the CNIL has increased substantially the number of public sanctions, taking advantage of a new provision, which allows it to order the publication of its cease-and-desist letters. The CNIL's report dwells on the challenges of regulating big data, and argues that privacy protection does not necessarily have to create costs in terms of innovation and economic development.
Read more

 

   
Ireland

 

-LEGAL ISSUES-

Protection of Children and Vulnerable Persons - "Suite" of Legislation

 

Three legislative acts with far reaching implications are being placed on employers and organizations: The Criminal Justice (Withholding of Information on Offences against Children and Vulnerable Persons) Act, 2012 (Withholding Act), The National Vetting Bureau (Children and Vulnerable Persons) Act 2012 (Vetting Act), and Children First 2012 (Children First). The key provision of the Withholding Act is the creation of an offence of withholding information in relation to certain arrestable offences committed against children and vulnerable people. The intent is to introduce a form of mandatory reporting by creating the threat of criminal sanctions for those withholding information. The Vetting Act provides a legislative basis for the vetting of persons who seek positions of employment relating to children or vulnerable persons, making vetting mandatory. The overarching policy objectives of Children First is raising awareness of child abuse, recognizing and reporting child abuse, and the management of child safety concerns for specified organizations. The key provisions of the Bill, from an employer's perspective, is to train and set standards for its staff and volunteers and to appoint its most senior manager as a Designated Officer, to ensure children in its care are protected through recording, monitoring and reporting.
Read more

  

 

United Kingdom   

 

-BACKGROUND SCREENING-

   

73% of Employers Check Job Applicants' Social Media Profiles Before Offering Roles, Why Didn't Kent Police & Crime Commissioner?   

 

Online recruitment agency, RecruitmentRevolution.com, has commented on the resignation and current police investigation of Paris Brown, the seventeen-year-old Kent Police Youth Crime Commissioner who resigned after media reports that she had made "racist and homophobic" comments on her personal Twitter account. Kent Police & Crime Commissioner, Ann Barnes, had a duty of care to investigate the social media profile of Brown prior to offering her the role of Youth Police Crime Commissioner," said Anna Taylor, Co-founder and director or RecruitmentRevolution.com. "Had Barnes checked the social media profiles of the candidates, it is unlikely that Brown would have been placed in this position," said Taylor. A survey of 1,700 UK employers, undertaken by RecruitmentRevolution.com, found that almost three quarters of employers regularly check the social media pages and profiles of potential employees before offering them roles. Only 27% of employers surveyed do not check Twitter, Facebook, LinkedIn and other social media sites for information on job candidates. "We need to educate our young people that whatever they post on social media is on public record, can be easily discovered online and can come back to haunt them," concluded Taylor.
Read more

 

 

Social Media: A Legitimate Pre-employment Vetting Tool? 

 

There is currently no legislation in the UK that prohibits employers from considering information contained on applicant's social networking profiles when making a recruitment decision. However this does not mean that employers can conduct searches on social media sites when recruiting without fear of consequences. The danger for employers is that if a decision is subsequently taken not to appoint a candidate in circumstances which included a review of their Facebook (or other social media) page, then this could potentially give rise to allegations of discrimination. Vetting of job applicants via social media also involves processing personal data (when the employer either uses or records the information obtained), so employers must ensure that any vetting is compliant with the Data Protection Act. The ICO's guidance states: vetting should be used to confirm specific points rather than for general intelligence gathering; information should only be sought from sources where it is likely that relevant information will be revealed; and employers must avoid placing reliance on potentially unreliable sources.
Read more  

 

 

UK Background Check Changes

 

The new Disclosure and Barring Service (DBS) has now become operational. Introduced in an attempt to scale back the number of criminal record checks under the previous CRB system, it is clear that there are still some issues to do with the right to privacy to be resolved.Over the last year, a number of legislative and structural changes have been implemented in respect of criminal record checks. Combined with the effects of recent caselaw, these changes will be of great interest to employers and employees working with vulnerable members of society.

The Protections of Freedoms Act and the establishment of the DBS introduce changes that aim to strike a balance between protecting the vulnerable and facilitating employment. They do not however, alter the fact that certain legislation requiring criminal record checks has been declared incompatible with the right to privacy under Article 8 of the European Convention on Human Rights (ECHR). The outcome of this appeal and the implementation of the changes to the criminal record checks system should be watched closely by both employers and employees working with the vulnerable.
Read more 

 

 

-DATA PROTECTION AND PRIVACY-

Security Experts Fear UK Lacks Knowledge of EU Data Reform 

 

Data security expert, PHS Datashred, is calling for the EU to do more to educate British businesses on the financial impact of proposed changes to law. The company said that struggling British firms could be hit with an unexpected 'tidal wave' of cost associated with compliance to new European data laws if they are not fully prepared. PHS Datashred goes on to say that the proposals to change the law relate to the way data is handled and managed and that British companies could suffer significant costs in appointing data controllers to comply. According to a survey of 506 businesses by the Information Commissioner's Office (ICO), approximately 87% of businesses are unable to estimate the costs of the draft proposals to their organisation. The report also found that 40% of companies do not fully understand any of the ten main provisions being proposed and that none of those surveyed could accurately describe all ten provisions. Managing Director of PHS Datashred, Anthony Pearlgood said, "There is undoubtedly a requirement to bring the regulations into the 21st century but it should not be done before businesses are able to assess how much it will actually cost them.

  

 

Private Investigators Could Face £500,000 Fines for Accessing Data Illegally

 

Public authorities, police forces and members of the public are being asked to help uncover rogue private investigators, which could face fines of up to £500,000 (US$765,050) if they are found to have illegally accessed people's data. A new campaign launched by the Information Commissioner, aims to uncover the extent of the problem after issues were highlighted during the Leveson inquiry and by the Home Affairs Select Committee. Information Commissioner Christopher Graham, says that the majority of private investigators act in compliance with the Data Protection Act, however there are less scrupulous professionals out there that may by trying to take shortcuts by illegally accessing people's data. Some private investigators were also not meeting their obligations by failing to make sure the information they handled was accurate or that it was securely deleted once it was no longer required. Graham has now written to police forces, public bodies and private investigation firms asking them to report any concerns they have. "By shining a light into the darkest corners of the private investigation industry, we are aiming to root out any criminal elements that continue to cause public concern and blight the professional reputation of their counterparts," said Graham.
Read more

 

 

-CRIMINAL RECORDS-

 

Can I Really Find Out if I'm Employing a Criminal?

 

The Court of Appeal has ruled that the blanket disclosure of all criminal convictions and cautions may breach job applicants' human rights. In giving judgment, it said that, while the criminal records checks system and the disclosure obligations interfered with individuals' rights to privacy, the interference might be justified where the aim was a legitimate one, namely in order to protect employers and vulnerable people. However, the Court said that unfiltered disclosure of all convictions and cautions irrespective of their relevance was disproportionate to those aims and so breached the right to respect for private life. The Court did, however, say that the requirement to disclose serious offences was proportionate. This means that the Government may ultimately introduce a filtering system, which would take into account the relevance of information about an individual's criminal record to the job for which they are applying. However, the Government has applied for permission to appeal the judgment. On that basis, the Court has decided that its decision will not take effect in the meantime.
Read more

  

 

HR e-briefing: Criminal Records Certificates - What's Changing?

 

A number of recent developments in relation to the Disclosure and Barring Service (DBS) and criminal records checks will affect employers, in particular the new update service being launched on 17 June. The new subscription service is intended to make the vetting process of job applicants faster and more straightforward for employers. It will allow individuals, subject to them having subscribed to the update service for an annual fee of £13, to keep their DBS certificate up-to-date so they can take it with them when they move jobs or roles. There is no fee for volunteers. Employers will be able to carry out free, online, instant checks, known as status checks, to see if any new information has come to light since the certificate's issue, provided the same type and level of check is required, the individual has subscribed to the update service and has consented to the employer's check. To coincide with the launch of the update service, the DBS will only issue DBS certificates to the individual applicant, which will provide applicants with the opportunity to review and challenge any of the certificate's content before it is released to a registered body.
Read more



Some England Criminal Records Checks Can Now Be Monitored Online

 

A Government agency that carries out criminal records checks has introduced an online checking service.The Disclosure and Barring Service (DBS), which has an office in Darlington, has introduced the Update service, which will allow users to take their disclosure certificate from one job to the next, eliminating the need for repeated checks."The Update Service represents a step change in the way criminal records checks can be administered - online, said a spokesman for DBS."Subscribers to this service will have far greater control over their checks and organisations will benefit from savings as well as a being able to deliver a faster and streamlined recruitment and employment process."


-EMPLOYMENT OUTLOOK-

Increase in the World's Top Talent Moving to the UK, Study Finds
 
The UK is the second most attractive country in the world, after the U.S., for high-flying professionals to move to. Research published today from recruitment firm Hydrogen shows the UK is rapidly establishing itself as a firm favourite among foreign workers, particularly within technology. The Global Professionals on the Move 2013 report, which surveyed more than 2,000 workers in 90 countries has shown that, despite the challenges within its economy and the tightening of immigration controls, the UK still has an attraction for professionals worldwide. The report found the majority of professionals have not yet caught up with shifting global economic realities. Their top preferences are still almost exclusively in the developing world. Two-thirds of those having relocated are men, which means women are losing out, and there will be insufficient women in the pipeline for more senior positions, many of which now require international experience. "A lot of Europeans view the UK as a tech hub where you can work for exciting, fast-paced companies," said Dan Fox, managing director of technology practice at Hydrogen. "We're seeing a lot of Europeans coming to work in the UK. It's all about wanting to work for the up-and-coming companies."
Read more 

 
-REFERENCE CHECKING-

References for Ex-employees: An Employers' Guide to Avoiding Liability
 
Drafting references can be a legal minefield for employers. This has not been helped by recent confusion over whether ex-employees are protected against victimisation if they receive a negative assessment. Generally, there is no legal obligation on an employer to provide a reference for an ex-employee. An employer's policy on whether or not to give a reference needs to be consistent: a decision to provide a reference to some but not all ex-employees could be discriminatory under the Equality Act 2010 (the Act) if this is linked to protected characteristics. Where an employer does provide a reference it has a duty of care to the ex-employee and must take reasonable care in the preparation of the reference, which must be true, accurate and fair and not give a misleading impression. While the reference does not have to be comprehensive, it must not be misleading through omission. An employer may be liable for negligent misstatement where its reference gives an inaccurate impression and in extreme cases it may also be liable in the tort of deceit. Employers would be well advised not to refuse to give a reference just because the employee has made allegations, brought proceedings (or given evidence in connection with such proceedings) under the Act.
Read more  

 
-EDUCATION VERIFCATION- 
 
London College Scam Gang Jailed
 
Three people who ran a fake college have been jailed for a total of 22 years, following an investigation. Sohail Akhtar, Noasheen Muhammed, and Waqar Bhatti, were all found guilty of conspiring to assist a breach of immigration law following a 3-month trial. During the trial, a jury heard how Bhatti set up Middlesex College in 2004 and then employed his friend Akhtar and Akhtar's sister Noasheen Muhammed to run operations. The college was offering courses in anything from fashion to law at undergraduate and post-graduate level. The college claimed that some of these courses were being run on behalf of genuine universities. The college ran only a small number of courses in basic English, and was largely a front for conning genuine students who wished to study in the UK and the authorities into granting visas for bogus students. At the time, the college claimed to have around a thousand students enrolled. Officers discovered that the trio had printed the signatures of genuine former members of staff on false qualification certificates and enrollment forms to add a cover of respectability. "This was an extremely long and complex investigation into three individuals who spent years conning both legitimate students and the authorities," said Rob Allen, London's criminal and financial investigation team.
Read more 
   

North America

Canada

-LEGAL ISSUES- 

 

Appropriate for Board to Rely on Offences Committed Twenty Years Earlier

 

The Grievor, a bus driver/custodian, pleaded guilty to sexual offences involving minors twenty years ago and was convicted. One of the terms of his sentence prohibited him from seeking or maintaining employment that would put him in contact with children under the age of sixteen for a four-year period. The events giving rise to the conviction occurred before the Grievor began employment with the school board, but following his conviction, the Grievor was fired. In pursuing its grievance, the union argued that the Grievor should be retained in employment and assigned duties, which did not involve contact with students. The arbitrator concluded - without any direct evidence - that retaining the Grievor in employment would be seen negatively by the public and, more importantly, by the parents of children in the school district. In weighing this against the Grievor's fifteen years of discipline-free employment, the arbitrator was unable to conclude there was no risk of future harm to the students and concluded, therefore, that the employment relationship could not be salvaged. The grievance was dismissed.

Supreme Court Protects Workers' Privacy Rights

 

The Supreme Court has ruled that companies cannot institute mandatory random alcohol testing of employees. "Random alcohol testing is a humiliating invasion of an individual's privacy that has no proven impact on workplace safety," said Dave Coles, president of the Communications, Energy and Paper Workers Union of Canada. In 2006, Irving Pulp and Paper Limited in Saint John, N.B., unilaterally adopted a policy of mandatory random alcohol testing for employees in safety sensitive positions. CEP Local 30 filed a grievance challenging the policy after a worker was chosen randomly by a computer program to take a breathalyzer test. The test showed a blood alcohol level of zero but the worker said the test was humiliating and unfair. "Our union's long-standing position is that the best way to resolve social problems such as alcohol or drug abuse is to address the root cause of the problem", said Coles. "Rather than attack the victim, Corporate Canada needs to do a better job in offering employee assistance programs, drug education and health promotion programs."
Read more

   

-DATA PROTECTION AND PRIVACY-

Privacy Commissioner Pushes for Review of Canada's Personal Information Protection Act

A review of Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) is long overdue, said privacy commissioner Jennifer Stoddart. Specifically, Stoddart would like to see better transparency when law enforcement agencies and government organizations access the personal information of Canadian citizens without their consent. "Parliamentary schedule seems to overlook the fact that PIPEDA requires such a review every five years," said Stoddart, who noted that updating federal privacy regulation is a big concern. "The last review was scheduled in 2006." Information covered under PIPEDA includes a person's name, email address, health records, financial information, Social Insurance Number (SIN), and even fingerprints. Under the current act, Canadians' personal information may be obtained from such organizations for a wide range of purposes, including for issues of national security, intelligence gathering, and the enforcement of Canadian law. Stoddart suggests clarifying PIPEDA's use of lawful authority to determine under what circumstances, and by which authorities, personal information can be accessed and she also hopes to see changes to the way that PIPEDA governs the protection of personal information as it relates to corporate responsibility. 

Read more

   


Many Alberta Firms Ignoring Privacy Laws, Says FOIP Office Customer Complains Car Dealership Did Not Safeguard Personal Information

 

Many businesses are not complying with Alberta's law surrounding the collection, use and storage of customers' personal information, says the province's privacy office. The Personal Information Protection Act (PIPA), has been law for nine years, but a survey conducted by Alberta's information and privacy commissioner found 50% of companies haven't trained staff on protecting customers' information. A recent example of this involves an Edmonton woman who received a series of late-night text messages from a mechanic at Sherwood Ford who got her number when she had her car serviced, more than a year ago. Her privacy complaints to the company, the RCMP, Ford of Canada, and the Better Business Bureau, were ignored and dismissed. Brian Hamilton of the privacy commissioner's office says the case raises several concerns, including how many people in a business have access to customers' personal information. A greater privacy breach is using a customer's contact information for purposes other than the business reason for which it was gathered. The woman said her complaint would never have gone so far if the company had taken her concerns more seriously.
Read more

   

Employer References in the Age of Privacy

 

The law around references given to prospective employers by ex-employers is changing. There is no positive obligation on an employer to provide a reference for an ex-employee. On the other hand, the failure of an employer to give a reference has been found to be a factor courts will consider when determining the period of reasonable notice in a wrongful dismissal case. There are also risks in giving references. Whatever reference is given, and however it is given, it must be truthful. There have been cases where an employer has been sued for giving a false reference. There have also been cases where writers of 'bad' references were found to have defamed the person for whom the reference was written. If an employer is going to give references, it should have a policy, or standardized reference process. A policy helps to ensure consistency. A policy may also help an employer avoid liability in a case where a reference is given by someone not authorized to do so, and which is not in keeping with the employer's policy. Employers should also require, as a practice, consent from job applicants to seek out references.

PIPEDA Needs Reform to Bring Enforcement Powers

 

In Privacy Commissioner Jennifer Stoddart's recommendations for reforming PIPEDA, she says amendments should include stronger enforcement powers, mandatory data breach reporting, teeth behind accountability and increased transparency measures. "The root of many of the privacy challenges we face is that technology is growing so quickly that some companies are failing to address privacy issues in the competitive rush (and they are) creating products that can be used in highly privacy-intrusive ways, ways that consumers don't anticipate, much less knowingly consent to," Stoddart said. As many as one in four websites the Office of the Privacy Commissioner (OPC) has tested recently were either unaware they were disclosing information to third parties or were not clearly disclosing that they were providing information to third-party service providers. Stoddart said these are major privacy concerns, but "our law does not contain

the right incentives to make sure privacy is a consideration when companies produce risk assessments. It's clear that without amendments, PIPEDA will be even less up to the task in the future. The balance that PIPEDA is supposed to bring is increasingly not there."
Read more  


-DRUG TESTING-  

Mere Smell of Marijuana was not Enough: Employee was Entitled to Refuse Drug Test, Says Court

 

An employee was entitled to refuse to submit to a reasonable-suspicion drug test where a supervisor smelled marijuana in the employee's truck but had no other evidence of drug use or impairment, a Nova Scotia judge has held. The employee refused, saying "it is none of your business what I do when I am not here", and said that he was a recreational user of marijuana and that the test would be positive anyway. The employee was referred to a Substance Abuse Professional but refused to answer questions about his off-duty drug use. The City fired the employee for his "lack of cooperation and direct violation of the HRM Substance Abuse Prevention Policy." The employee grieved the termination, and an arbitrator reinstated him. The City asked the court to overturn the arbitrator's decision. The court noted that although the City had a legal obligation to protect employees' safety under OSHA, the arbitrator reasonably concluded that the evidence suggesting that the employee had used or been impaired by drugs on the job was very weak. In short, the fact that the City had "safety concerns" about the employee did not permit the City to dismiss him where the City did not have just cause.
Read more

   

 

-EDUCATION VERIFICATION- 

 

Catch Me if You Can: Dealing with Fraudulent Misrepresentation of Qualifications or Credentials in the Workplace

 
Surveys suggest that many job applicants lie on their resume and that education is the most frequently falsified qualification on a resume. There are only a handful of cases that have litigated this issue in Canada, but that doesn't mean it doesn't happen. When it does happen, it's typically resolved through negotiated exits, sparing both the employer and the employee public damage to their reputations. If the parties cannot agree and are forced into litigation, it should provide some comfort to employers that a fraudulent representation, when proven, may render the employment contract void or reduce overall liability. A fraudulent misrepresentation is one which is made with knowledge that it is untrue and with the intent to deceive You can prove fraudulent misrepresentation by establishing the following: 1. The representations complained of were made by the employee to the employer; 2. The representations were false in fact; 3. The employee either made the representations knowing they were false or made them recklessly without knowing whether they were false or true; and 4. The employer was induced to enter into the contract in question by the employee's representations. If you don't do your due diligence at hiring, you risk the real life drama of hiring a Frank Abignale. 

Read more


Mexico

 

-DATA PROTECTION AND PRIVACY-

Mexico's New Privacy Notice Guidelines Require Immediate Action

 

On April 17, 2013, Mexico's new Privacy Notice Guidelines will go into effect. The Guidelines impose extensive requirements for furnishing adequate data privacy notices and obtaining consent before personal data is collected directly from a person or electronically via "cookies," "web beacons" or other automated means. The Guidelines are mandatory and particularly important to employers that regularly collect, process, and/or transfer personal data about employees or job applicants, and to companies operating or advertising in Mexico that use cookies, web beacons, and similar media technology that automatically collects personal data online. As shown in a recent decision by the Federal Institute for Access to Information and Data Protection ("IFAI" for "Instituto Federal de Acceso a la Información y Protección de Datos"), sanctions may be imposed for noncompliance.

Read more

  

IFAI Shows Teeth with €1m Fine on Bank

 

The Mexican data protection authority, Instituto Federal de Acceso a la Información y Protección de Datos (IFAI) has imposed a fine on Banamex, the Mexican division of Citibank, of 16,155,000 MXN, approximately €1m or $US 1.3m. A data subject had sent a letter requesting Banamex to cease processing his/her personal data; however the company failed to comply. Following this, the Director General of Substantiation and Sanction wrote a letter to Banamex following a complaint from the data subject; however the company did not comply within the 10 days accorded to them. The IFAI further announced fines of approximately €130,000 ($US 170,300) against Mexican bank Caja Popular Cristo Rey and approximately €76,300 ($US 100,000) against fitness club Sport City. There is an opportunity for the companies to appeal the fines. The increase in enforcement follows Mexico's acceptance as the second formal participant of the Asia-Pacific Economic Cooperation Cross Border Privacy Rules System.
Read more


Russia and Eastern Bloc
Russia

 

-DATA PROTECTION AND PRIVACY-

Russia Signs International Data Protection Convention

 
Russia has reinforced its commitment to the protection of personal data by ratifying the "Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data" (Convention 108). Thorbjørn Jagland, Council of Europe Secretary General, received Russia's accession from Alexander Alekseev, the Permanent Representative and Ambassador of the Russian Federation to the Council. Among its principles, the Convention 180 establishes that individuals have the right to have access, rectify or erase their data when the information is not required for a specific purpose. In addition, each party must establish an independent authority to ensure compliance with data protection principles. Convention 180 is the only legally binding international instrument in its field, is open to any country and has the potential to become a global standard. The treaty will enter into force on September 1. Russia will become the 46th state to join Convention 108.
 Read more 

 

-CRIMINAL RECORDS-  

Russia Denies Entry To Some With Criminal Records

 

The government has sent proposals to the State Duma to limit entry for deported foreigners and foreigners with a recent criminal record.The proposed amendments to the federal laws on the procedure for the entry to and exit from Russia and on the legal status of foreign nationals specify cases when foreigners should be denied or can be denied entry. The amendments were drafted by the Federal Migration Service.

Foreigners who have been brought to administrative liability in Russia several times within the past three years may be denied entry. Those who have previously been deported, or have outstanding convictions for a premeditated crime, or have been brought to administrative liability in Russia several times within a year will be denied entry. A 10-year entry ban has been proposed for persons who have been denied readmission or have been deported several times before.   

Read more


South America
Brazil

 

-DATA PROTECTION AND PRIVACY-

   

Brazil Considers Data Protection Bill Again

 

The Brazilian government is again discussing the possibility of creating a data protection agency and a data protection regulation. According to Pablo Palazzi, a solicitor at Allende & Brea, Buenos Aires, Argentina, the Data Protection Bill, drafted nearly two years ago but never introduced to Congress, may now be opened again.  The Bill has been debated and discussed in academic during the last two years.

Read more


Columbia

 

-DATA PROTECTION AND PRIVACY-   

Data Protection Law Goes Into Force

 

The Colombian Data Protection went into effect on 18 April 2013. The Law introduces a comprehensive privacy regime in Colombia for the first time and regulates, among other things, notice and consent requirements, cross-border data transfers, and the processing of children's data. The Law also contains data subject rights and registration requirements. Under the law, the Superintendence of Industry and Commerce will have the power to sanction violations of the provisions.

Read more


Costa Rica

 

-DATA PROTECTION AND PRIVACY-

Costa Rica Adopts Information Privacy Law


Costa Rica now has its own laws on the storing, sharing, and access of personal information. Under Law #8968 individuals must now provide their express consent for the collection of their personal information in databases, and individuals will have the right to revoke that consent at any time.

   

The guidelines include the "right to informational self-determination," which is defined as the right of every individual to know what personal information of theirs is collected in databases, and for what purpose. The only exceptions are in cases where there is a court order, or when a resolution is adopted by a special committee of the Legislative Assembly.
Read more

   

Share
Share on Facebook
Share on LinkedIn




Previous Page
0


Follow us on Twitter
Follow us on Twitter
Find us on LinkedIn