History of data protection: 2001

Key developments

Council of Europe’s Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, regarding supervisory authorities and transborder data flows (ETS No. 181) opens for signature.
🇺🇸 After the events of 11 September 2001, the United States adopt, on 19 November 2001, the Aviation and Transportation Security Act requiring airlines flying into US territory to transfer data relating to passengers and cabin crew, to be made electronically and completed before the plane takes off, at the latest 15 minutes after departure. The measure, eventually followed by additional data sharing requirements, kicks off a series of discussions and reactions regarding the legality of ‘Passenger Name Record’ (PNR) data transfers in light of European data protection law.

Also this year

A European Conference on Data Protection on Council of Europe’s Convention 108 for the protection of individuals with regard to automatic processing of personal data: Present and future is organised by the Council of Europe and the Inspector General of Poland for Personal Data Protection, under the patronage of the President of the Republic of Poland, in Warsaw (Poland), from 19 to 20 November 2001 (cf. the proceedings, feat. notably Frits Hondius).
⚖️ The European Court of Justice (ECJ) rules against Luxembourg for having failed to transpose Directive 95/46/EC, in Commission v Luxembourg (C-450/00), on 4 October 2001.
🇪🇺 The European Commission:
- puts forward on 15 June 2001 Standard Contractual Clauses to allow data transfers to third countries that do not ensure an adequate level of data protection;
- (🇪🇺 🇨🇦)adopts a decision on the adequate protection of personal data provided by the Canadian Personal Information Protection and Electronic Documents Act, on 20 December 2001.
🇺🇸 The EU Data Protection Directive: Implications for the U.S. Privacy Debate, Hearing before the Subcommittee on Commerce, Trade, and Consumer Protection of the Committee on Energy and Commerce, House of Representatives, One Hundred Seventh Congress, first session, March 8, 2001. 4.C 73/8:107-19.
The Article 29 Working Party publishes its fourth annual report (WP 46), covering 1999 (adopted on 17 May 2001).

Literature

Bygrave, Lee A. (2001), ‘Core principles of data protection‘, Privacy Law and Policy Reporter 7(9), 169.
De Bot, Dirk (2001), Verwerking van persoonsgegevens, Kluwer Rechtswetenschappen.
Gilliom, John (2001), Overseers of the Poor: Surveillance, Resistance, and the Limits of Privacy, The University of Chicago Press.
Guadamuz, Andrés (2001), ‘Habeas data vs. the European Data Protection Directive‘, Journal of Information, Law & Technology 3.
Gutwirth, Serge (2001), Privacy and the Information Age, Rowman & Littlefield.
Poullet, Y., Louveaux, S., & Asinari, M. (2001), ‘Data protection and privacy in global networks: European approach‘, EDI Law Review, 8 (Issues and 3), 147-196.
Roßnagel, Alexander, Andreas Pfitzmann, and Hans-Jürgen Garstka (2001), Modernisierung des Datenschutzrechts: Gutachten im Auftrag des Bundesministeriums des Innern, Bundesministerium des Innern.
Solove, Daniel J. (2001), ‘Privacy and power: Computer databases and metaphors for information privacy‘, Stanford Law Review, 53, 1393-1462.
Warren, Adam P., James Dearnley, and Charles Oppenheim (2001), ‘Sources of literature on data protection and human rights‘, Journal of Information Law & Technology, 2.
Wiseman, Frederick (2001), ‘Privacy and Documentary Filmmaking‘, Social Research, 68(1), 41-47.

In the media

Music

🎵 Ariel Pink’s Haunted Graffiti ‎’Privacy’ (from Scared Famous, 2001).
🎵 Michael Jackson ‘Privacy’ (feat. Slash) (from Invincible, 2001). Video here (YouTube).