Sent to subscribers in January 2011.

Supplement #4 provides updates to several country chapters to reflect recent developments. Chapter 9 reflects the addition of the Faroe Islands as a country that provides “adequate protection” of privacy rights and personal information. The updated country chapters include Belgium, Brazil, Bulgaria, China, Cyprus, Dominican Republic, Finland, France, Israel, Italy, Malta, Poland, South Korea, Spain, Switzerland, and Taiwan.

The Belgium chapter expands its analysis of the regulation of monitoring, and in particular the use of video cameras. The Brazil and Bulgaria chapters are supplemented with descriptions of the privacy related provisions in each country’s constitution. The China chapter provides access to new case law, including a case on the protection of an employee’s privacy on the workplace. The Cyprus chapter describes the international treaties and conventions, and the provisions of the country’s constitution, that address the protection of personal information. The updated chapter also analyzes provisions regulating the interconnection of data, and the implementation of the privacy directive in the country’s laws.
The Dominican Republic and the Finland chapters are augmented with an analysis of the international and regional conventions that each country has ratified, and that affect the protection of personal data. The update to the French chapter reflects France’s adoption of a “privacy seal.” There are also new developments with respect to privacy in the work place and a new decision from the Cour de Cassation (Supreme Court) on the access to employee files by an employer. In Israel, new laws have been adopted regarding the use of biometric data and the right of access to communications data by enforcement agencies. In Italy, a new regulation sets out new requirements for Systems Administrators. In addition, the country has amended its data protection law to incorporate the use of Binding Corporate Rules as a means to ensure adequacy. There are also new provisions regarding commercial messages and the adoption of a “do-not-call” list. The update to the Malta chapter reflects the adoption of new guidelines by the Malta Office of the Data Protection Commissioner to confirm that a data controller is responsible for the acts or omission of its data processors. The revisions to the Poland chapter provide summaries of recent cases and enforcement actions. The South Korea chapter is supplemented with additional laws that regulate access to, or use of, personal data.
The additions to the Spain chapter clarify the obligations of data controllers, and those to the Switzerland chapter provide recent developments. Finally, the Taiwan chapter contains a detailed analysis of the recent amendments to the data protection law, which extend the reach of the law to all entities, and create additional restrictions. Further, this chapter comments on additional data protection laws in the areas of employment, commercial messages, and telecommunications.