January

"Unlike many European nations, Finland has mandatory national laws relative to drug testing. That means there are actual rules and regulations that must be followed in this country as opposed to a set of ""best practice guidelines"" as in the case in others countries in Europe. There are four laws in Finland that together regulate drug testing: 1. Act on the Protection of Privacy in Working Life: As the name suggests, this law aims to protect individual privacy in the workplace. It includes many requirements from direct necessity to employee relationship before processing personal data, employee consent, informing individuals for a drug testing requirement and drug test certificates. 2. Occupational Health Care Act: This law requires employers to provide health care to employees. It also regulates a few items concerning narcotics testing. 3. Act of Cooperating within Undertakings: This law regulates how company policies are drafted and implemented. It applies to the creation of an action programme on substance abuse prevention (as required in the Occupational Health Care Act) and the work tasks outlined in the Act on the Protection of Privacy in the Working Life. 4. Narcotics Act: In addition to outlining measures to prevent the illegal drug trade, this law provides many definitions that are referred to by the laws above. It is important to follow the trail that leads from this Act to other legal documents in understanding certain terms."

Andrea Vosshoff is the new Federal Data Protection Commissioner after being elected by the Bundestag with a majority of 403 votes. She is a CDU (Christian Democratic Union) politician, who sat in the Bundestag, the lower house of the legislature, from 1998 until September 2013. Peter Schaar retired after 10 years in the post.

The Bundestag made its decision based on the recommendation of the new coalition CDU|CSU|SPD government, which was formed on 17 December and proposed Andrea Vosshoff at its first cabinet meeting. Andrea Vosshoff is not well known in the data protection community unlike Peter Schaar, who was formerly the Data Protection Commissioner for Hamburg. However, it is common practice in many countries to appoint a person to head a national Data Protection Authority who is new to the subject. The Federal Commissioner has responsibility for the federal public sector and Telecommunications companies. Enforcement of the law for the private sector is carried out by the 16 Land (state) Data Protection Authorities.

"Dutch Data Protection Authority (CBP) Chairman Jacob Kohnstamm told the audience of the National Data Protection and Privacy Conference in Rotterdam that his office will get the power to fine organizations in both the public and the private-sector for violations of the Dutch Personal Data Protection Act (WBP). The fine could be as high as 780,000 Euros, or about U.S. $1 million, per violation. Earlier, Secretary of State Fred Teeven of the Ministry of Security and Justice had informed Parliament that he was about to send a bill to the cabinet giving the Dutch DPA the power to issue ""steep fines."" The bill, which was approved by the Dutch Cabinet December 6, is a change to another bill currently being discussed in the Second Chamber of the Dutch Parliament. The latter bill introduces a general data breach notification obligation in The Netherlands and gives the Dutch DPA the power to fine data controllers only for failure to notify the DPA about a breach. As a result of the recent change, the data breach bill is expected to be put on hold in order to allow the Council of State, the official advisory body to the cabinet and Parliament, to advise on the new fining powers. As the council 's advice is not expected before March or April next year, both the obligation to notify data breaches and the fining power are likely to come into force only on January 1, 2015."