Archive

Posts Tagged ‘Data Protection Directive’

Do you know what is your child’s age requirement to sign up online?

May 27, 2013 1 comment

As the Internet permeates every aspect of the economy and society, it is also becoming an essential element of our children’s lives. While it can bring considerable benefits for their education and development, it also exposes them to online risks such as access to inappropriate content, harmful interactions with other children or with adults, and exposure to aggressive marketing practices.

Children online can also put their computer systems at risk and disseminate their personal data without understanding the potential long-term privacy consequences.

In addition, there are other risks for children using online environments, such as:

Privacy risks

-cyber-bullying

-cyber-stalking

-age-inappropriate content

-online grooming

-identity theft

-emotional implications.

Beside support and guidance from parents when using the online environment, an appropriate mental development and understanding is important for a child when using an online platform. For these reasons, in both the United States and the European Union, a minimum age requirements for accessing the “online world” was set as a legal requirement.

E-Crime Expert thinks that the minimum age requirements a child should meet when signing up for an email account, Facebook, etc., should be a topic of interest for parents. For these reasons, we researched the minimum age requirements on some of the most popular online sites and platforms.

The Children’s Online Privacy Protection Act (COPPA) in United States applies to the online collection of personal information by persons or entities under U.S. jurisdiction from children under 13 years of age. It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator has to protect children’s privacy and safety online including restrictions on the marketing to those under 13. While children under 13 can legally give out personal information with their parents’ permission, many websites altogether disallow underage children from using their services due to the amount of work involved.

In the European Union, the European Commission released in January 2012, a Proposal on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).

This Proposal has specific requirements with regards to Children. They deserve specific protection of their personal data, as they may be less aware of risks, consequences, safeguards and their rights in relation to the processing of personal data. To determine when an individual is a child, this Regulation should take over the definition laid down by the UN Convention on the Rights of the Child.

“Article 8
Processing of personal data of a child

For the purposes of this Regulation, in relation to the offering of information society services directly to a child, the processing of personal data of a child below the age of 13 years shall only be lawful if and to the extent that consent is given or authorised by the child’s parent or custodian. The controller (i.e. the person in charge with the collection, use and disclosure of personal data) shall make reasonable efforts to obtain verifiable consent, taking into consideration available technology”.

Following, are the minimum age requirements for children using different Internet websites or Social Networking Services and other online platforms:

facebook-age-restriction

 1.      Facebook:

How old do you have to be to sign up for Facebook?

In order to be eligible to sign up for Facebook, you must be at least 13 years old.

The minimum age requirement on Facebook is more or less enforceable. Simply lying about your birthdate easily circumvents the policy.

The Children’s Online Privacy Protection Act (COPPA) mandates that websites that collect information about users aren’t allowed to sign on anyone under the age of 13. As a result, Facebook’s Statement of Rights and Responsibilities require users of the social network to be at least 13 years old (and even older, in some jurisdictions).

According to MinorMonitor, over 38 percent of children with Facebook accounts are 12-years-old and under. Even more worryingly, 4 percent of children on Facebook are reported to be 6-years-old or younger, which translates to some 800,000 kindergarteners on Facebook.

These results come from a survey of 1,000 parents of children under 18-years-old who use Facebook. The company provides a free, web-based parental tool that gives parents a quick view into their child’s Facebook use, including potential dangerous activities such as the friending of online predators, cyberbullying, violence, drug and alcohol use, as well as sexual references.

2.      Google:

Age requirements on Google Accounts:

  •  United States: 13 or older
  •  Spain: 14 or older
  •  South Korea: 14 or older
  •  Netherlands: 16 or older
  •  All other countries: 13 or older

Some Google products have specific age requirements. Here are a few examples:

  • YouTube: When a YouTube video has been age-restricted, a warning screen is displayed and only users who are 18 or older can watch it. Learn more about age-restricted videos.
  • Google Wallet: 18+
  •  AdSense: 18+
  •  AdWords: 18+

3.      Yahoo

When a child under age 13 attempts to register with Yahoo!, they ask the child to have a parent or guardian create a Yahoo! Family Account to obtain parental permission.

Yahoo! does not contact children under age 13 about special offers or for marketing purposes without a parent’s permission.

Yahoo! does not ask a child under age 13 for more personal information, as a condition of participation, than is reasonably necessary to participate in a given activity or promotion.

Yahoo! is concerned about the safety and privacy of all its users, particularly children. For this reason, parents of children under the age of 13 who wish to allow their children access to the Yahoo! Services must create a Yahoo! Family Account. When you create a Yahoo! Family Account and add your child to the account, you certify that you are at least 18 years old and that you are the legal guardian of the child/children listed on the Yahoo! Family Account. By adding a child to your Yahoo! Family Account, you also give your child permission to access many areas of the Yahoo! Services, including, email, message boards and instant messaging (among others). Please remember that the Yahoo! Services is designed to appeal to a broad audience. Accordingly, as the legal guardian, it is your responsibility to determine whether any of the Yahoo! Services areas and/or Content are appropriate for your child.

4.      Hotmail

As on Hotmail’s Terms of Use is no reference to the age requirements to join the service, we did our own registration and it appears that 13 is the age requirement for joining Hotmail, as shown below:

I.                   Attempt indicating the user is 6 years old

Step 1   

1

Step 2                        

2

Step 3

3

 

II.                Second attempt, indicating the user is 13 years old.

Step 1

4Step 2

5

 

5.        MySpace 

  • You must be at least 13 years old to have a Myspace profile
  • If you’re under 16 years old, you’re not allowed to list your age as over 16 and make your profile public (your profile must be set to private)
  • If you’re under 18, you’re not allowed to list your age as over 18
  • Users under 18 are not able to make changes to their listed age

Notes & Tips

  • If you break any of the above rules, MySpace will be forced to delete your profile for safety and security reasons (it’s all in their Terms of Use)

6.      Skype

Skype not directly sets up an age restriction within their Terms of Use.

“Jurisdiction’s Restrictions: If the law of Your country prohibits You from downloading or using Skype Software because You are under the age limit or because the Skype Software is not allowed in Your country, please don’t use it”.

According to this, for US the minimum age requirement is 13 + (COPPA).

7.      LinkedIn

PRIVACY POLICY, 18!

In terms of LinkedIn’s Privacy Policy:

 ”Children are not eligible to use our service and we ask that minors (under the age of 18) do not submit any personal information to us or use the service.”

8.      Twitter

Age screening on Twitter

Age screening is a way for brands and others to determine online whether a follower meets a minimum age requirement, in a way that is consistent with relevant industry or legal guidelines. This makes it easier for advertisers and others with content not suitable for minors (e.g. alcohol advertisers) to advertise on Twitter.

There apparently, is now age restriction for setting up an account on Twitter (as we set it up without being asked about our age). See below:

Step 1

6

Step 2: Done!

7

For more advice on how children could stay safe online (you could also share this with your child), click here to visit the material E-Crime Expert specially created for this purpose.

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Advertisements

Beyond Data Protection – published today!

January 31, 2013 Leave a comment

Dan Manolescu is glad to announce his contribution to the Beyond Data Protection book, published by Springer and available to the public from today, January 31, 2013. You could find Dan’s contribution under the “Data Protection Enforcement: The European Experience – Case Law” chapter.

 This book provides practical approach to address data protection issues in businesses and daily life. It also compares, contrasts and substantiates the different principles and approaches in Asia, Europe and America  and recommends leading best practices to practitioners and stakeholders based on divergent of technologies involved.

​I strongly recommend you to purchase this book considering the excellent material and contribution of several top scholars in the privacy and data protection fields.

You could find  more info about this book here.

cda_displayimage

This great opportunity would not have been possible without the tremendous work of Noriswadi Ismail, an excellent data protection and privacy scholar and practitioner. He is also the Mastermind behind Quotient Consulting, a boutique firm, which focuses on array of data protection and privacy consulting services such as: Data Diagnosis, Privacy Impact Assessment, Data Protection & Privacy Strategy, Training, Data Protection & Privacy Certification, Public & Private Consultations

In addition, Philipp Fischer’s contribution to this book is remarkable. Philipp is also an outstanding data protection and privacy scholar and professional and he is the CEO of SuiGeneris Consulting, which provides privacy and data security practice, data-use business models and how data flows generate profits. He has extensive underlying subject matter experience at the interface between information security requirements, data protection & – privacy law and economics; especially in information security, quality management, consumer protection, intellectual property, software programming and risk assessment. That enables him to provide strategic business consulting on all aspects of information policy, including privacy, information security and records management.

Last but not least, E-Crime Expert signed  strategic partnerships with Quotient Consulting (with subsidiary in London, UK), and withSuiGeneris Consulting (based in Munich, Germany).

 If you have additional questions, please contact us: dan@e-crimeexpert.com

Transfer mechanisms of personal data from EU to third countries

January 8, 2013 2 comments

This Article explains the concept of transferring personal data from EU to third countries, what those third countries mean, the principles for making such transfers legitimate and the derogations from these principles, and last but not least, the transfer mechanisms of personal data to third countries.

Considering the legal requirements of the Directive 95/46/EC, Article 25
the transfer to a third country of personal data which are undergoing processing or are intended for processing after transfer may take place only if… the third country in question ensures an adequate level of protection…this Article provides three legal mechanisms for such transfers:

-Standard Contractual Clauses – for single Organizations or entities

Binding Corporate Rulesfor multinational Organizations or entities

-Safe Harbor Agreement principles – for Organizations or entities located in the U.S.

The Article provides Organizations or entities with all current available mechanisms for data transfer from the European Union to third countries, regardless if those Organizations are independent-single entities or multinational ones.

This Article was written by Dan Manolescu. If interested, you could read the full Article published by InfoSec Institute here.

If you would like to find out more about InfoSec, you could visit this page here.

Dan Manolescu is now a frequent contributer for InfoSec Institute.

If you have any questions please contact us at: dan@e-crimeexpert.com

Data Protection: one Directive and two perspectives

December 4, 2012 Leave a comment

Data Protection: the economic value and the fundamental human rights perspectives

Related to our latest Blog post on Privacy vs Data Protection, today E-Crime Expert presents a short history and rational behind the Data protection legislation in the European Union.

Did you think that the EU Data Protection legislation was drafted and proposed by the European Union’s Directorate General Justice (because of its Human Rights dimension)?Actually, it was not as the Directive 95/46/EC was drafted and proposed by the DIRECTORATE GENERAL FOR INTERNAL MARKET AND SERVICES DG MARKET.

Why? In order to find out please read bellow the rationals described in the Preamble of the Directive 95/46/EC:

The establishment and functioning of an internal market in which, in accordance with Article 7a of the European Union’s Treaty, the free movement of goods, persons, services and capital is ensured require not only that personal data should be able to flow freely from one Member State (MS) to another, but also that the fundamental rights of individuals should be safeguarded. In other words, there should be a proper balance between the free flow of personal data and the protection of fundamental human rights.

Furthermore, the economic and social integration resulting from the establishment and functioning of the internal market leads to a substantial increase in cross-border flows of personal data between all those involved in a private or public capacity in economic and social activity in the MemberStates and the exchange of personal data between undertakings in different Member States is considerable increasing. Also, the increase in scientific and technical cooperation and the new telecommunications networks in the Community necessitate and facilitate cross-border flows of personal data.

Considering the difference in levels of protection of the rights and freedoms of individuals (privacy), with regard to the processing of personal data afforded in the Member States, it could prevent the transmission of such data from the territory of one Member State to that of another Member State, which constitutes an obstacle to the pursuit of a number of economic activities at Community level, distort competition and diminishes the economic value of a such exchange of data.

Last but not least, in order to remove the obstacles for the flow of personal data, which is vital to the internal market, it is aimed to ensure that the cross-border flow of personal data is regulated in a consistent manner that is in keeping with the objective of the internal market.

Considering the above rationales as outlined in the Preamble of the Directive 95/46/EC, we can easily observe that the Data Protection legislation in the EU does not manly has a human rights dimension but an economic one as the Directive 95/46/EC was drafted and proposed by the DG Market and not by the DG Justice or DG Home, aiming to not only stop but to increase the free flow of data between the Member States by giving legal certainty to the EU citizens and providing a legal framework uniformly implemented among the MS.

The second part of this Blog Post continues with the Directive 95/46/EC human rights dimension  by explaining data protection terminology, principles, rights of data subjects and data transfer mechanisms.

 1)      data protection terminology and definitions

  • ‘personal data’ = any information relating to an identified or identifiable natural person (‘data subject’); and who can be identified:
    • directly
    • indirectly,
    • in particular by reference to an identification number
    • or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity
  • ‘processing of personal data’ = any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as: collection, 
    • recording,
    • organization,
    • storage,
    • adaptation or alteration,
    • retrieval,
    • consultation,
    • use,
    • disclosure by transmission,
    • dissemination or otherwise making available,
    • alignment or combination,
    • blocking, erasure or destruction;
  • ‘personal data filing system’ (‘filing system’) = any structured set of personal data which are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis;
  • ‘controller’ = the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data;
  • ‘processor’ = a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;
  • ‘third party’ = any natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor and the persons who (e.g. subcontractor), under the direct authority of the controller or the processor, are authorized to process the data;
  • ‘recipient’ = a natural or legal person, public authority, agency or any other body to whom data are disclosed, whether a third party or not;
  • ‘the data subject’s consent’ = any freely given specific and informed indication of his wishes by which the data subject signifies his agreement to personal data relating to him being processed.

 2)      Principles related to data protection:

  • processed
  • fairly (data subjects informed) and
  • lawfully (based on a legal act)
  • collected for:
    • specified,
    • explicit
    • legitimate purposes
    • no further processed in a way incompatible with those purposes
  • adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed;
  • accurate and, where necessary, kept up to date;
  • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected
  • the data subject has unambiguously given his consent
  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  • processing is necessary for compliance with a legal obligation to which the controller is subject
  • processing is necessary in order to protect the vital interests of the data subject
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed

 3)      Information to be given to the data subjects (fair processing)

  • the identity of the controller and of his representative, if any;
  • the purposes of the processing for which the data are intended;
  • any further information such as
    • the recipients or categories of recipients of the data,
    • whether replies to the questions are obligatory or voluntary, as well as the possible consequences of failure to reply,
    • the existence of the right of access to and the right to rectify the data concerning him

4)      Rights of data subjects:

  • Right of access
  • Right to object
  • Right to modification
  • Right to deletion

 5)      Notification

  • Those processing personal data shall provide that the controller or his representative, if any, must notify the supervisory authority (of a member states) before carrying out any wholly or partly automatic processing operation or set of such operations intended to serve a single purpose or several related purposes.

 6)      Transfer mechanisms:

  • Freely to Canada, Argentina, whole EU, etc BUT not to US (does not confer the same level of data protection as EU-because of the Patriot Act)
    • Binding Corporate Rules (for US. Set of rules agreed by the EU Commission when transferring data outside EU)
    • Safe Harbor Agreement (for US that certifies those part of this agreement comply with the EU data protection rules)

 Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog

 

Privacy versus Data Protection

November 27, 2012 6 comments

Today, E-Crime Expert presents the main similarities and differences between privacy and data protection concepts mainly from two different legislative perspectives:  Canada and the European Union (EU), and briefly from the United States (US).

Also, this blog post provides the main privacy and data protection legislative acts from Canada and EU as a useful resource for those interested or working in this field.

Last but not least, you could find bellow the full EU Data protection revision 2012 package.

I.      US versus EU versus Canada

-The United States (US) and European Union (EU) have different concepts regarding personal information and private data, such as Privacy in the US versus Data Protection in the EU.

US’s approach to privacy focuses on narrowly applicable legislation.

  • sector-based,
  • with a mix of legislation,
  • regulation and self-regulation,
  • focusing on the protection of personal information by specifically addressing a particular industry sector (i.e. medical information, online transactions, credit check, etc)
  • regulating data collected by the federal government

EU has a more comprehensive approach.

  • set of rights and principles for personal data treatment (processing),
  • without considering that the data is held in the public or private sector,
  • protects just natural persons not legal entities
  • the relation between data protection and the economic value as a proper balance between fundamental rights and free flow of information (which has economic value).
  • by granting data protection as a fundamental right, the aim is to protect the individuals but also to encourage the free flow of information, giving data subjects legal certainty and encouraging them to not negatively affect the exchange of information and data

-Canada – similar level of protection to the EU one.

  • Privacy is regulated by the government at the federal and provincial level:
    • The Privacy Act (federal level for private information held by the gov),
    • PIPEDA (federal level for private sector),
    • PIPA (provincial level for private sector, Alberta for example),
    • FOIP (provincial level for public sector, Alberta for example),
    • HIPA (federal level for health information),
    • HIA (provincial level for health information, Alberta for example)
  • The difference between Canada and EU
    • Canada’s legislation regulates both organizations and individuals privacy rights and access
    • EU’s legislation regulates the individuals’ rights (no organizations)
    • Canada gives to the individual the right to access their data or other individuals’ or organizations data along with their privacy protection right under the same Act (The Privacy Act, FOIP)
    • EU gives to the data subject the right to protection of their personal data under one single act (Directive 95) and to access data for public interest under the Transparency Regulation (1049)-no others personal data could be accessed in the private sector (just for law enforcement)
  • Canada enacted different acts for different data categories (private-PIPA, public-FOIP, health-HIA, children-Child, Youth&family enhancement act, etc)
  • EU has the same Legislative Act (e.g. Directive) but with different degrees of protection and limitations based on the data categories sensitivity (identification, medical, criminal, etc).
  • Canada sets forth a minimum time for information retention when EU sets forth a maximum time for data retention
  • in Canada information sharing is done based on Information Sharing Agreements (local, federal, international)
  • in EU the data transfer has three layers of protection for exchange locally within the same institutions, bodies, organizations, between EU member states, or internationally (with third countries).

 II.      Privacy versus data protection

  • The concept of privacy and data protection is not the same.
  • Data protection has a privacy dimension, but it is narrower in scope than the privacy concept, “as the privacy encloses more than personal data” (i.e. private life, private home, private correspondence, etc.)
  • From a different angle, it encloses a wider area, “since personal data are protected not only to enhance the privacy of the subject, but also to guarantee other fundamental rights, such as the right to freedom of expression, or the right to know what data is gathered about you,  to have access to your data, to ask for modification or deletion of your data, etc”
    • Furthermore, data protection gives individuals the right to know
  • What personal data is collected,
  • on what legal grounds,
  • how it is used, for how long it used and kept,
  • and by whom.
    • specifically grants data subjects with the rights to access, modify,   update or ask for deletion of such data

 III.      EU legislative framework

IV.      EU Data protection revision 2012 (to reflect the new technological developments and to provide a consistent legislative framework across EU):

Click here to access the new proposed EU Data Protection regulation

  • It was proposed a Regulation versus the existing Directive. A Regulation is better, as it is immediately and more uniformly implemented into the Member States national law.
  • Data subjects
    • increasing responsibility and accountability – companies would have to notify their clients of any theft or accidental release of personal data
    • clarifying that where someone’s consent is required before a company reuses their personal data, they need to give that consent explicitly – people would also have access to their own private data and be able to transfer it to another service provider more easily
    • reinforcing the ‘right to be forgotten’ – people will be able to have their personal data deleted if a business or other organization has no legitimate reasons for keeping it
    • applying EU rules when personal data is processed outside Europe – people would be able to involve the national data protection authority in their country, even when their data is processed by a company based outside the EU
    • People will have easier access to their own data and be able to transfer personal data from one service provider to another more easily (right to data portability). This will improve competition among services
  • Good for business
    • A single set of rules would encourage a more consistent application of the law across the EU. Businesses would have clear rules on how to treat personal data
    • Companies would only have to deal with a single national data protection authority in the EU country where they have their main operations (saving businesses an estimated €2.3bn a year)
    • The obligation of appointment of a data protection officer for organizations with 250 employees and over (private sector
    • Instead of the current obligation of all companies to notify all data protection activities to data protection supervisors – a requirement that has led to unnecessary paperwork and costs businesses €130 million per year, the Regulation provides for increased responsibility and accountability for those processing personal data
    • Companies and organisations must notify the national supervisory authority of serious data breaches as soon as possible (if feasible within 24 hours)
    • Organisations will only have to deal with a single national data protection authority in the EU country where they have their main establishment. Likewise, people can refer to the data protection authority in their country, even when their data is processed by a company based outside the EU. Wherever consent is required for data to be processed, it is clarified that it has to be given explicitly, rather than assumed
    • EU rules must apply if personal data is handled abroad by companies that are active in the EU market and offer their services to EU citizens
    • Independent national data protection authorities will be strengthened so they can better enforce the EU rules at home. They will be empowered to fine companies that violate EU data protection rules. This can lead to penalties of up to €1 million or up to 2% of the global annual turnover of a company
  • Better enforcement
    • The new rules would give national data protection authorities powers to enforce the EU rules more rigorously
    • A new Directive will apply general data protection principles and rules for police and judicial cooperation in criminal matters. The rules will apply to both domestic and cross-border transfers of data. For the new Directive click here.
  • Next steps
    • The proposals is aimed to encourage more online commerce by improving consumer trust – contributing to economic growth and job creation. The new Data protection proposed legal framework (Regulation+Directive) must be approved by the European Parliament and Council before becoming law.
  • Commission Proposals on the data protection reform: legislative texts

Source: Directorat General Justice of the European Commission

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog

Did you get a New electronic device for Christmas?

January 6, 2012 Leave a comment

Happy New Year to everyone! Wish you all the best for this year, but most importantly, I wish you to be healthy and around your families! Also, stay safe!

Maybe for some of you Santa was kind enough and brought you new electronic devices such as a new laptop, desktop, iPad, tablet or smartphone. That sounds exciting, but have you thought what are you going to do with your old electronic device? Giving it away to charity? Selling it on a classified website, or giving it to a family member or friend? In any of these cases you should first be sure that you are not involuntarily sharring your private info and data. For this reason, E-Crime Expert presents again today some tips on how to remove this personal data from your old electronic device before being given away.

Please watch this video tutorial here:

More details are provided bellow:

A large volume of electronic data is stored on computer systems and electronic media. Much of this data consists of confidential and sensitive information, including patient records, financial data, personnel records, and research information.

If you are with a company or organization that accepts donations or properly dismantles computers, electronics, or hard drives, take them there.

If you have a computer or computer equipment that you believe is beyond repair or is too old to be useful take it to a dismantling centre.

Many computer manufacturers and computer hardware manufactures also have their own recycling or trade in programs. When you buy a new computer you could perhaps trade in the old one.

All computer systems, electronic devices and electronic media should be properly cleared of sensitive data and software before being transferred from you to another seller or dismantling centre.

Computer hard drives should be cleared by using software and then be physically destroyed. Non-rewritable media, such as CDs or non-usable hard drives, should be physically destroyed (ie. scratched, broken into pieces).

Try to destroy or dismantle you hard drive, external hard drive, printer, fax, cell phone, computer, camera, web camera, GPS, laptop because all these devices have internal memory where sensitive data is still stocked even if properly deleted manually or with a software.

When you sell an old laptop or PC, try first to “format” your device and reinstall the operating system- If you are not able to do this, at least try to DELETE:

  • All your photos, videos, music files, located on the following folders: Desktop or My Documents, My Music, My videos (Movies),
  • Archives
  • The folder that retrieves your Mail inbox on your computer
  • Recent documents folder
  • Downloads
  • Library folder
  • Data storage folder
  • Maildownloads folder
  • Info.plist document
  • Key chain, the folder that stores your passwords on a computer
  • Cookies folder
  • Calendar folder
  • Printer folder
  • Cache folder
  • Favorites folder
  • Logs folder
  • Web browser (Safari) folder
  • Sync Services folder used for cloud computing or to sync with other devices
  • Address book

Note: these folders are available on a MacBook Pro device (with Snow Leopard  OS), the order or name of the folders  may differ from computer to computer or from one operating system to another. But the principle is the same.

When you sell your used cellular phone try to do a “factory data reset” and all the information and personal settings will be removed. This is mandatory when you sell your used device.

Step 1: go to settings

Step 2: select SD&phone storage

Step 3: select Factory data reset

This should reset all your information on your phone.

Note: these folders are available on HTC Desire running on Android version 2.2. 

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Have you ever used any of those methods? Are you thinking to use any of them? How do you dispose of your electronic devices and gadgets you no longer use?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

EU Member States’ national Data Protection Laws

December 16, 2011 1 comment

As announced in the last blog post here, E-Crime Expert presents today the National Data Protection Legal Acts of each Member State as required by the implementation of the Directive 95/46. This could be helpful for anyone interested as there are significant differences among the Member States DP national legal frameworks, acquired during their implementation  process of  the Directive 95/46. In this regards, for a company running commercial activities in Belgium, their compliance when processing personal data in Belgium, should be subject to the Belgian DP national Law. The Directive 95/46 has no direct implication or relation to their processing operations in Belgium or in any other member States. This Directive sets forth the general European legal framework with the minimum protection requirements  for the national DP laws implemented by each member State in their own ways. Therefore, for any interested party, company or data subject, it is useful to know which DP Laws particularly applies when running businesses, doing electronic commerce or any other activities that require processing of personal data.

Transposition of the Directive 95/46 requirements into national laws.

Here you can find the national laws of each member state:

Austria

Data Protection Act 2000, Austrian Federal Law Gazette part I No. 165/1999

Belgium

Act of 8 December 1992

Royal Decree

Bulgaria

Personal Data Protection Act

Cyprus

The Processing of Personal Data (Protection of Individuals)
Law 138(I)2001

Czech Republic

Act on Protection of Personal Data (April 2000) No. 101

Denmark

Act on Processing of Personal Data, Act No. 429, May 2000.

Estonia

Personal Data Protection Act of 2003
 

Finland

 Personal Data Act (523/1999)

Act on the amendment of the Personal Data Act (986/2000)

France

Data Protection Act of 1978 (revised in 2004)

Germany

Federal Data Protection Act of 2001

Greece

Law No.2472 on the Protection of Individuals with Regard to the Processing of Personal Data, April 1997.

Hungary

Act LXIII of 1992 on the Protection of Personal Data and the Publicity of Data of Public Interests

Ireland

Data Protection Act 1988.

Data Protection (Amendment) Act 2003.

Italy

Data Protection Code of 2003

Processing of Personal Data Act, January 1997

Latvia

Personal Data Protection Law, March 23, 2000.

Lithuania

Law on Legal Protection of Personal Data (June 1996)

Luxembourg

Law of 2 August 2002 on the Protection of Persons with Regard to the Processing of Personal Data.

Malta

Data Protection Act (Act XXVI of 2001), Amended March 22, 2002, November 15, 2002 and July 15, 2003

The Netherlands

Dutch Personal Data Protection Act 2000

Poland

Act of the Protection of Personal Data (August 1997)

Portugal

Act on the Protection of Personal Data (Law 67/98 of 26 October)

Romania

Law No. 677/2001 for the Protection of Persons concerning the Processing of Personal Data and the Free Circulation of Such Data

Slovakia

Act No. 428 of 3 July 2002 on Personal Data Protection.

Slovenia

Personal Data Protection Act , RS No. 55/99.

Spain

ORGANIC LAW 15/1999 of 13 December on the Protection of Personal Data

Sweden

Personal Data Protection Act (1998:204), October 24, 1998

United Kingdom

UK Data Protection Act 1998

Privacy and Electronic Communications (EC Directive) Regulations 2003

E-Crime Expert would like to thank you for reading this Blog and to wish you Merry Christmas and a very Happy New Year! We’ll be back in the first week of January 2012.

Till then, stay safe!

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

%d bloggers like this: