Pat
Some thoughts
Given that the EU directive was to harmonise laws across the EU states then
I would have thought the principles in the UK Act would be similar to those
of all EU states as at least a minimum standard.
The existing German DP law (pre directive) was more strict than other EU
states in that it started from a default position that processing was denied
unless certain conditions were met. As the EU directive could not reduce
existing privacy standards other countries had to bring their legislation up
to this standard.
It is likely that your transfer issue would therefore be related to meeting
a processing condition as required by the First principle in the UK Act more
than a consideration of the 8th principle which should permit the transfer
to an EEA territory.
UK Act to be, first principle processing conditions being:
Processing with consent
Necessary for the entering into or performance of a contract to which the
data subject is a party.
Necessary for a legal obligation other than contract
Necessary to protect the vital interests of the data subject.
Provided one of these 4 conditions are true a data subject cannot effect a
block on the transfer.
There are two other processing conditions
Necessary for administration of justice or exercising regulatory powers
Necessary for the legitimate interests of the data controller provided these
do not conflict with those of the data subject or by special order.
One other assumption - Data presumably not of a sensitive catagory as likely
that special rules will apply similar to UK Act.
Hope this assists
David Wyatt
----- Original Message -----
From: Walshe, Pat <[log in to unmask]>
To: <[log in to unmask]>
Sent: 14 July 1999 16:14
Subject: German DPA
> Anyone up on German data protection legislation?
>
> What exists in German DP law to prevent the transfer of a customer's
> personal data to another EU member country or to prevent access to data
held
> in German from a parent company based in another EU state?
>
> I cannot find anything in the Federal Data Protection Act (BDSG) or the
> Telecom Act (TKG) that prevents this?
>
> Any thoughts
>
> Pat Walshe
> Law Enforcement Liaison Manager
> International Security Group
>
> MCI WorldCom Ltd
> 14 Gray's Inn Road
> London WC1X 8HN
>
> Registered in England No. 2776038
>
> Tel: +44 (0) 20 7 675 4221
> Fax: +44 (0) 20 7 675 4375
> Pager: 0941 128405
> Mobile: 07775 904 142
> Email: [log in to unmask]
>
> Intranet: http://iguide.mciworldcom.com/index/3/4/294/
> Intro to Data Protection Act 1998: http://www.open.gov.uk/dpr/eurotalk.htm
> Data Protection & Your Rights: http://www.open.gov.uk/dpr/intro.htm
>
>
>
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|