1. European regulators launch privacy consultations
2. European Commission mulls internal privacy restructuring
3. Hungary's privacy chief speaks out against data protection law
4. Europe launches anti-spam initiative
5. Former Sonera executive face illegal surveillance charges
6. Choicepoint consumer data hacked

1. European regulators launch privacy consultations
Earlier this month, the EU's Data Protection Working Party (an advisory body to the European Commission) launched two public consultations into the privacy implications of Radio Frequency Identification (RFID) and digital rights management technologies.

In a report accompanying the RFID consultation, the Working Party warned businesses that attempts to link RFID devices - smart ID tags - with information on individuals could breach European data protection legislation. RFID tags are currently being used for a variety of purposes (eg. better management of retail supply chains, aiding product recalls, or as anti-theft devices) but civil liberties groups and privacy regulators have expressed concerns that the technology could be used to track and profile individuals.

The Working Party suggested that organizations are likely to run into legal difficulties unless consumers agree to have their details linked in with RFID devices. "Under most of the scenarios where RFID technology is used," said the report, "consent from individuals will be the only legal ground available...to legitimize the collection of information through RFID".

In a separate report, the Working Party suggested that attempts to prevent online copyright theft of music, games and software present serious privacy risks for Internet users. Industry is increasingly turning to the use of digital rights management technologies (DRM) to monitor and control access to copyright protected material. The Working Party, however, raised serious questions over the use of unique identifiers in DRM products that could be used to monitor Internet users' activities. The Working Party urged industry to build stronger privacy controls into new DRM technologies and argued that Internet users should have the right to access protected information on an anonymous basis.

Interested parties have until March 31st to submit their responses to the two consultations.

Click here for more details on the consultation and the Working Party position papers

2. European Commission mulls internal privacy restructuring
The European Commission is considering moving its data protection unit out of the remit of the Internal Market directorate and placing it under the responsibility of the directorate for Justice and Home Affairs. Speaking at the British Institute of International & Comparative Law's data protection seminar on Tuesday, Niovi Ringou, Deputy Head of the Commission's Data Protection Unit, said that the outcome was still uncertain, but that the Commissioner's college could reach a decision within the next month.

3. Hungary's privacy chief speaks out against data protection law
Dr Attila Peterfalvi, the Parliamentary Commissioner for Data Protection and FOI, has criticised Hungary's Data Protection Act, labeling its regulations on overseas data transfers as excessive.

Speaking at a seminar held by the British Institute of International & Comparative Law on Tuesday, Peterfalvi explained that data transfer regulations were causing real problems for organizations trying to move data outside the country.

"Our Act is simply bad," said Peterfalvi, adding that Hungary's 1992 privacy law "must be modified" to bring it further into line with the EU Data Protection Directive.

Along with nine other Central and Eastern European countries involved in last year's accession to the European Union, Hungary has had to implement a number of changes to its national data protection law. The data transfer rules, however, were not amended and require organizations to go further than required under the European directive.

Peterfalvi explained that his office has presented a more pragmatic solution before Parliament and is currently waiting approval. He added that the two-thirds majority voting system adopted by Parliament has made it difficult to push through legislative changes, but said the Ministry of Justice has indicated that the proposed amendment is likely to be approved in the Spring of this year.

4. Europe launches anti-spam initiative
Earlier this month, a coalition of 13 European data protection regulators and consumer ombudsmen launched a joint initiative to combat the threat of unsolicited spam e-mail. Despite a host of global anti-spam legislation implemented over the last few years, spam is still proving to be a major threat. January figures from e-mail security firm MessageLabs showed that 80 per cent of e-mail traffic was spam-related.

In 2002, the European Union adopted an anti-spam directive which has since been implemented into national law by most European member states. Enforcement activity, however, has been relatively low. Under the new anti-spam initiative, European regulators have agreed to take on a more proactive enforcement role through sharing information, improving cooperative procedures and pursuing spam-related complaints across borders.

Commenting on the new initiative, Information Society & Media Commissioner Viviane Reding said, "Enforcement authorities in Member States must be able to deal effectively with spam from other EU countries, even though at present most spam originates from outside the EU."

Reding added that further efforts were being made by the European Commission to combat the wider global implications of unsolicited e-mail. In addition to the European initiative, she said, "we are working on cooperation with third countries both bilaterally and in international fora like the OECD and the International Telecommunication Union."

Members of the new coalition include: