Interesting People mailing list archives
IP: Re: CFP98 Conference Report
From: Dave Farber <farber () cis upenn edu>
Date: Wed, 04 Mar 1998 04:23:55 -0500
From: reidenberg () sprynet com Date: Tue, 3 Mar 1998 20:43:43 -0800 (PST) For the IP list-- I enjoyed Danielle Gallo's CFP98 Conference report, but the paragraph on my panel "Privacy and Encryption Law in France" leaves some misconceptions. French law for 20 years has permitted the French data protection agency, the CNIL, to prohibit transborder data flows to countries lacking sufficient privacy protection. The CNIL was not created to restrict international data flows, but rather was established to assure the protection of citizen's rights in the face of computerization of French society. For years, many other European countries have had similar laws (e.g. the U.K., Netherlands, Germany, etc.) The conflict suggested Gallo's review of Brian Kahin's talk is with the entire European Union and increasingly with the rest of the world's democratic countries concerned about privacy, not just with France. The EU Directive on data privacy mandates that all 15 European states prohibit transfers of personal information to countries that do not assure an "adequate" level of privacy. These provisions must be enacted into the 15 national laws by October 1998.
From Australia to Canada, privacy legislation is under consideration to
meet EU standards. The US is the exception trying to avoid legal standards for the protection of privacy. As a result, data flows to the US will have real problems once the Directive is implemented. I did also point out that within France, as well as elsewhere in Europe, there are some important compliance issues and problems. The application of data protection laws to on-line services will be particularly difficult. A colleague and I have just completed an extensive report "Data Protection Law and On-line Services: Regulatory Responses" studying Belgium, France, Germany and the United Kingdom for the European Commission that we hope will be released by the European Commission later this month. I will send an announcement once it is released. Joel Reidenberg On Tue, 03 Mar 1998, Dave Farber <farber () cis upenn edu> wrote:
Danielle Gallo's CFP98 Conference Report
Although many ideas and issues were raised in the panel on 'Privacy and Encryption Law in France', there are only a few I would like to touch on. Professor Joel Reidenberg of the Fordham University School of Law (http://www.fordham.edu/law/faculty/reidenberg/main.htm) cited the territorial impact of data protection. He suggested trans-border data flows enable data passing to places with inferior protection. This is of utmost concern to the French, who hold strong views on privacy. The French position on data protection issues prevents sensitive data such as political or religious beliefs to be transmitted without consent. Reidenberg concedes that there is not full respect for data privacy laws; therefore, organizations have been created to supervise enforcement -- for example, the CNIL (Commission Nationale Informatique et Libertes) in France. This part of the
discussion relates to Brian Kahin's keynote address, which cited the need for international agreements and well-defined principles. I think that compromise on these issues will be difficult because the French are very stringent on privacy issues and may not agree with the rest of the world.
****************************************************************** Joel R. Reidenberg Professor of Law Fordham University School of Law 140 West 62nd Street New York, NY 10023 Tel: 212-636-6843 direct 212-636-6890 secretariat Fax: 212-636-6899 Email: reidenberg () sprynet com Home page: <home.sprynet.com/sprynet/reidenberg> ******************************************************************* ******************************** See you at INET'98, Geneva 21-24, July 98 <http://www.isoc.org/inet98/>
Current thread:
- IP: Re: CFP98 Conference Report Dave Farber (Mar 04)