standards for transfer of data to other countries.



Similar documents
Under European law teleradiology is both a health service and an information society service.

THE TRANSFER OF PERSONAL DATA ABROAD

Corporate Policy. Data Protection for Data of Customers & Partners.

4-column document Net neutrality provisions (including recitals)

Global Stock Options. COLOMBIA Brigard & Urrutia Abogados

ARTICLE 29 DATA PROTECTION WORKING PARTY

AUDITING AND ENFORCEMENT AT THE SPANISH DPA. EXPERIENCE WITH OUTSOURCING TO COUNTRIES WITH A NON ADEQUATE LEVEL OF PROTECTION

Mexico. Rodolfo Trampe, Jorge Díaz, José Palomar and Carlos López. Von Wobeser y Sierra, S.C.

Directors & Officers dedicated worldwide protection. A guide to Zurich s Side A policy

Service Description: Dell Backup and Recovery Cloud Storage

By using the Cloud Service, Customer agrees to be bound by this Agreement. If you do not agree to this Agreement, do not use the Cloud Service.

General Insurance Conditions (GIC) Clinical Trials in Human Research

Service Schedule 5 - Internet Connectivity Services Terms & Conditions v1.0

General Terms for the e-banking Application of Valartis Bank (Liechtenstein) AG, Gamprin-Bendern

Qualified Electronic Signatures Act (SFS 2000:832)

Guide to WIPO Services

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

Tax risk management strategy

Data Management: Considerations for Integrating Compliance Requirements At Home and Abroad. Toronto, Ontario June 14, 2005

E U R O P E A N E C O N O M I C A R E A

Registration contract for domain names under the domain ".ch"

Privacy Policy and Terms of Use

Carrier Cloud. DIGITALK Product Brochure

Briefly summarised, SURFmarket has submitted the following questions to the Dutch DPA:

OVERVIEW. stakeholder engagement mechanisms and WP29 consultation mechanisms respectively.

Application of Data Protection Concepts to Cloud Computing

Data Processing Agreement for Oracle Cloud Services

SUPERIOR COURT OF CALIFORNIA COUNTY OF LOS ANGELES, STATE OF CALIFORNIA

Introduction PriorFX LTD Right to Privacy Information

THE BUSINESS COUNCIL OF WESTCHESTER Website & Internet Services Terms And Conditions of Use

LOGIX Fax to Service

Terms of Service. Your Information and Privacy

Tax Impacts to Structure Investments in Brazil Debt or Equity. Andrea Bazzo Lauletta November 2012

OSRAM BCR Binding Corporate Rules ( BCR ) for OSRAM Group Companies and Adopting Companies for the protection of personal data

Requirements made under the Intermediaries Byelaw

5581/16 AD/NC/ra DGE 2

List of the general good provisions applicable to insurance and reinsurance intermediaries FEBRUARY 2011

PRINCIPLES OF THE TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY. Introduction

ACT. of 15 March 2002

Dennemeyer & Associates Terms and Conditions for Trademark Clearinghouse Services

Binding Corporate Rules Privacy (BCRP) personal Telekom Group rights in the handling of personal data within the Deutsche Telekom Group

How To Write A Letter To The European Commission On A Number Of Issues

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Considerations for Outsourcing Records Storage to the Cloud

ELECTRONIC COMMERCE DIRECTIVE, DIRECTIVE 2000/31/EC OF THE EUROPEAN PARLIAMENT AND

Procedural Safeguards in Criminal Justice: the EU s Roadmap. prof. Raimundas Jurka

POSITION PAPER. Regulation of Voice over Internet Protocol Services. Position Paper No. 1 of 2007 LAU/0504/054

Privacy in the cloud. DNB has indicated that it considers cloud computing a form of outsourcing.

Acceptance of Terms. Terms of Service. Privacy Policy. Terms Applicable to All Products and Services. Last Updated: January 24, 2014

TERMS & CONDITIONS: LIMITED LICENSE:

ETNO Expert Contribution on Data retention in e- communications - Council s Draft Framework Decision, Commission s Proposal for a Directive

on the transfer of personal data from the European Union

Website Development & Hosting Agreement

AlixPartners, LLP. General Data Protection Statement

CLOUD COMPUTING FOR ehealth DATA PROTECTION ISSUES

MASSIVE NETWORKS Online Backup Compliance Guidelines Sarbanes-Oxley (SOX) SOX Requirements... 2

HIPSSA Project. Support for Harmonization of the ICT Policies in Sub-Sahara Africa, Second Mission -Namibia

LSSA Guidelines on the Use of Internet-Based Technologies in Legal Practice

SaaS Terms & Conditions

d. Members shall not conduct their business in a manner which tends to bring either BRBA or the BMF or its membership into disrepute.

Click here for Explanatory Memorandum

Jozii LLC WEBSITE TERMS OF SERVICE

MODEL CONTRACTS FOR SMALL FIRMS LEGAL GUIDANCE FOR DOING INTERNATIONAL BUSINESS

-«Trustee Authority»: Entity that defines and regulates the conditions of assignment and use of Domain Names, applying to each particular Extension.

DO NOT DIVULGE DETAILS OF THIS MONEY TRANSFER TO A THIRD PARTY.

ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION

14 December 2006 GUIDELINES ON OUTSOURCING

Terms and Conditions of Use and Sale as at 1 st January 2009

LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT

BENEFIT PLAN CLIENT: CLIENT ID: EFFECTIVE DATE: MONTHLY PAYMENT DUE DATE:

DELEGATION AGREEMENT

All copyright, trade mark, design rights, patent and other intellectual property rights (registered or unregistered) in the Content belongs to us.

USERS SHOULD READ THE FOLLOWING TERMS CAREFULLY BEFORE CONSULTING OR USING THIS WEBSITE.

Clause 1. Definitions and Interpretation

European Health Insurance Card

COMPUTER & INTERNET. Westlaw Journal. Expert Analysis Software Development and U.S. Export Controls

Mega Transparency Report. March Requests for Removal of Content and for User Information

Investing into India through Mauritius

THESE FORMS ARE NOT A SUBSTITUTE FOR LEGAL ADVICE.

CCBE RESPONSE REGARDING THE EUROPEAN COMMISSION PUBLIC CONSULTATION ON CLOUD COMPUTING

What Every Business Lawyer Should Know About International Transactions

ON MUTUAL COOPERATION AND THE EXCHANGE OF INFORMATION RELATED TO THE OVERSIGHT OF AUDITORS

protection rights are limited. protection rights are limited.

How To Deal With Cloud Computing

PUBLIC PROCUREMENT CONTRACTS

MAQUET SAS GENERAL TERMS AND CONDITIONS OF PURCHASE

Zope Foundation Trademark License

THE WESTERN UNION MONEY TRANSFER SERVICE (THE SERVICE ) SHALL BE MADE AVAILABLE SUBJECT TO THE FOLLOWING CONDITIONS

EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update. By Stephen H. LaCount, Esq.

(DRAFT)( 2 ) MOTION FOR A RESOLUTION

Transcription:

comes to Cloud Computing, the situation is not different in Brazil. ln spite of the security devices and tolls made available by the Cloud Computing suppliers, the most significant obstacles and discussions about privacy relate to how easy it is to access and monitor lhe data stored by the users, whether they belong to individuais or companies. The alleged vulnerability results especially from the insecurity concerning the data storage place and, consequently, the security and protection parameters and standards established by the local law. lnformation that was stored in physical and determinable places until recently is now transferred to data centers in unknown locations, generating some insecurity about the legal requirements and measures applicable to safeguard rights. As already mentioned above, as a consequence of the Brazilian case law, the aforementioned bills already acknowledge the extra-territoriality of the Brazilian law to the services of storage of personal data, including those stored abroad.' 'º 1 nternational transfer of data Just like with data protection and security, our legal system does not have any specific law establishing any minimum security rules and standards for transfer of data to other countries. The major issue of data transfer and processing lies in the law applicable to data in traffic, whether the law of the country of origin is still applicable alter the transfer or the law of the country of destination is applicable, whether or not it is more advantageous. The member countries of the European Union, for example, under the rules of European Directive 95/46/ EC11'', are solely authorized to transmit and transfer their personal data to another countries that adopt identical or greater prolection leveis. The European Commission in charge of data protection did not expressly state that Brazil does not have an appropriate data protection system. However, the Brazilian system deemed general would not be enough to meet the rules established by the community law. As stated above, Brazil is about to approve a consolidated body of laws introducing an updated system of data protection which may also involve lhe regulation of international transfer of data. Conclusion ln relation to the legal aspects, in spite of the recent legislative developments for regulation of lnformation Technology services, situations in which the technology prescinds from legal focus for reaching the ideal legal security for the parties involved are not unusual at all. When it The relationships of engagement of Cloud Computing in Brazil are currently subject to general rules of agreements and liability, rules of consumer protection and defense - when applicable, and the constitutional and legal guarantees concerning data security and privacy. The matter of data export to data centers and other important aspects relating to Cloud Computing are currently under discussion at legal and political leveis. ln spite of the challenges explored herein and other challenges that the model of Cloud Computing services tend to face, the system is undeniably a worldwide trend. li is important to bear in mind that there are no international treaties or self-regulation about the matter to which Brazil is a party. The local legislations play a relevant role in that scenario and, when analyzing the data processing and transfer, it is valid to obtain a general view of lhe different jurisdictions involved in the business. Furthermore, in a scenario of relative uncertainty, lhe wording of contractual sections is extremely important, especially in cross border transactions, and the arbitration may be a more interesting way than the ordinary courts for resolution of litigations. By Camila Gurgel Fasano de Guglielmo Douglas Cohen Moreira BKBG Special thanks to Fernanda Gonçalves Rodrigues ' lnternational Telecommunication Union - ITU. Privacy in Cloud Computing. Technology Watch Report; March, 2012. Internet page retrieved on November 13, 2013 through the link http://www.itu.int/dms_pubfltu-t/oth/23/01/t23010000160001 PDFE.pdf 8 PL No. 2126/2011. Article 11. ln any operation of collection, storage, safeguard and treatment of registrations, personal data ar communications data by internet connection and applications providers where ai least one of these acts takes place in the Brazilian territory, the Brazilian law, the rights to privacy, confidentiality of personal data, private communications and registrations shall be complied with. ' PL No. 3558/12. Article 3. Every person with domicile in Brazil, whether an individual or a private or public legal entity, is entitled to protection of their personal data generated in lhe Brazilian territory, even if stored abroad. 'º However, it should be mentioned that the Brazilian law orders the processing of certain pieces of information in the Brazilian territory, such as health data of the social security, data of consumers of public utilities and of users of telephony services and financial system. " Directive 95/46/EC of the European Parliament and Council dated October 24, t 995 on protection of individuais as regards processing of personal data and free movement of said data. Internet page retrieved on November 13, 2013 through the link http://europa.eu/legislation_summaries/information_ society/data_protection/1140 12_en.htm Lawyer Monthly Global Expert 2014 - lntellectual Property 99

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information