Project 2 Cloud computing
2/11/2021 Privacy Laws
https://leocontent.umgc.edu/content/umuc/tgs/cca/cca610/2211/learning-topic-list/privacy-laws.html?ou=541322 1/2
Privacy Laws
Privacy protections often govern activities such as information processing, data
protections, and how data may flow between systems.
Because governments worldwide are so diverse, there has never been any global
consensus on the major tenets of privacy—what it is, how it should be protected, and how
much it should be respected by law enforcement personnel. These laws vary from country
to country, and depending on where your organization operates, you may need to
determine how to comply with vastly different and often conflicting requirements. These
privacy laws are also fluid and are subject to rapid changes.
Examples of privacy laws for various areas of the world include privacy directives in the
European Union and the Personal Information Protection and Electronic Documents Act
(PIPEDA) in Canada.
European Approach to Privacy Laws
The government and the law play a major role in how many European countries handle
privacy issues. In Europe, the government is expected to defend its citizens' right to
privacy. Historically, the EU has tried to regulate privacy and streamline the approach to
privacy.
In the workplace, European privacy laws and court rulings generally skew toward
protecting personal information. Members of the European Union (EU) look to the 1995
Data Protection Directive (Directive 95/46/EC) as a guide in establishing workplace
regulations. In 2001, the Article 29 Working Party (WP29), a group of EU data protection
authorities convened to issue more specific guidance. According to an article in
the Privacy & Security Law Report (2011):
The WP29 generally recommends that monitoring should be avoided unless there is a
specific and important business need. It suggests that before implementing monitoring
policies, employers should consider whether monitoring is necessary and proportionate,
Learning Topic
2/11/2021 Privacy Laws
https://leocontent.umgc.edu/content/umuc/tgs/cca/cca610/2211/learning-topic-list/privacy-laws.html?ou=541322 2/2
and whether the same results could be obtained through traditional methods of
supervision. In addition, the WP29 insists that monitoring must be transparent and that
the processing of personal data be fair. Therefore, prior notice informing employees about
monitoring is essential (Retzer & Lopatowska, 2011).
Privacy Laws in the United States
In the United States, privacy laws are generally promulgated at the state level. For
example, California includes privacy protections in its state constitution and statutes: SB
1386 - Personal Information Protection and CA Civil Code 1798.83 - Personal Information
Protection.
In Maryland, the 2007 Maryland Personal Information Protection Act (MPIPA) protects
the privacy and personal information of state residents with requirements to protect
personal information during the disposal of records, adopt reasonable security procedures
and practices to prevent unauthorized access to personal information, and to provide
individual notification when a business has experienced a breach of security that may
result in the release and misuse of personal information.
References
European Commission (2007, June 28). The SWIFT case and the American Terrorist
Finance Tracking Program [Press release]. Retrieved from
http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/07/266
Retzer, K., & Lopatowska, J. (2011). Analysis: How to monitor workplace e-mail and
Internet use in Europe: The Polish perspective. Privacy & Security Law Report.
Retrieved from https://media2.mofo.com/documents/110718-privacy-and-
security-law-report.pdf
© 2021 University of Maryland Global Campus
All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or integrity
of information located at external sites.