Privacy Laws & Business

Privacy Laws & Business European Privacy Officers Network

Briefing and Roundtable with the

Netherlands Data Protection Commissioner
The Hague, The Netherlands, November 14th 2007

------

Programme

08.45 Registration

09.00-12.00 Briefing

12.00-12.30 Lunch

13.00-17.00 Roundtable with the Netherlands Data Protection Commissioner and Advisor

Morning Agenda

Host: De Brauw Blackstone Westbroek, The Hague

Speakers: Ms. Lokke Moerel, Partner and Mr. Richard van Staden ten Brink, Attorney

De Brauw Blackstone Westbroek, Amsterdam

1.  The Dutch Data Protection Authority Organization, Powers and Enforcement Priorities

2.  Specific points of interest under Dutch DP Law

·  Dutch Notification Exemption Decree

·  Dutch Permit Requirement for International Data Transfers

·  Concept of Personal Data – data at Zip code level, IP and email addresses

3.  Employee Monitoring

·  Employees’ use of company systems (i.e. monitoring of use of specific e-learning or HR tools)

·  Telephone, e-mail and internet for private use in work time

·  Compliance with US requirements (mandatory obligations to monitor for drug abuse, insider trading, disciplinary measures and criminal convictions)

·  Recent case law of the Dutch Supreme Court regarding workplace drug testing

·  Internal investigations (ordered by regulatory bodies or otherwise)

·  Dutch Works Council

4.  International Transfers – BCRs

·  implications Swift decision for intra company data transfers

·  the Dutch DPA as "lead DPA" for BCR

·  update status co-ordinated procedure

·  Splitting up Employee BCR and Consumer BCR

·  overview EU obstacles in co-ordinated procedure - recent developments

5.  New Dutch Guidelines on the online collection and use of Personal Data

6.  Right of Access (recent Dutch Supreme Court decision)

7.  Other recent issues

·  Social Networks

·  Registration of health care professionals for accreditation purposes (depending on participants)

·  Security Breach Notification Protocol

------

Roundtable with the

Netherlands Data Protection Commissioner

Afternoon Agenda 13.00h.-17.00h.

Host: The Netherlands Data Protection Commission, The Hague

Speakers: Ms. Madeleine McLaggan-van-Roon, Commissioner, Ms. Sanne van de Velde, Senior Policy Officer, Ms. Sjoera Nas, Senior Policy Officer, and Ms. Anne Smeets, Policy Officer

1.  The Netherlands Data Protection Authority (CBP)

·  Its position, strategy and developments towards more enforcement of the Netherlands Data Protection Act (Wbp)

·  The CBP’s expectations of company data protection officers

·  The role of certified data protection audits

Ms. Madeleine McLaggan-van-Roon, Commissioner

2.  Binding Corporate Rules

Ms. Anne Smeets, Policy Officer

3.  Employee Monitoring Mrs. Sanne van de Velde, Senior Policy Officer

4.  The Internet and privacy

Mrs. Sjoera Nas, Senior Policy Officer

5.  Questions and answers on other issues

All speakers