Show Less
You do not have access to this content

Determann’s Field Guide to Data Privacy Law

International Corporate Compliance, Third Edition

Lothar Determann

Companies, lawyers, privacy officers and marketing and IT professionals are increasingly facing privacy issues. While information is freely available, it can be difficult to grasp a problem quickly, without getting lost in details and advocacy. This is where Determann’s Field Guide to Data Privacy Law comes into its own – identifying key issues and providing concise practical guidance for an increasingly complex field shaped by rapid change in international laws, technology and society.
Show Summary Details
This content is available to you


International Corporate Compliance, Third Edition

Lothar Determann


This Field Guide is not about ‘roughing it’. This book guides you through an increasingly complex field of laws, regulations and technology. Generalists in corporate legal departments and private practice, privacy officers, information technology product developers, marketing managers and others are confronted with data privacy and security issues more and more frequently. Tons of information is publicly available, much of which is free of charge. Still, it can be difficult to get a handle on a practical problem quickly without getting lost in details.


This is where this Field Guide is meant to come into play. It is designed to help identify issues, provide a brief practical overview, shape questions and lead to solutions. Where the Field Guide cannot provide an answer that is detailed enough, it contains directions to further resources that are easily accessible – by providing key terminology that can be easily looked up. Footnotes with citations in ‘Bluebook format’ have consciously been omitted; this book is for use in the field, not in a library.


For example, in this Field Guide you will find checklists with key compliance requirements and practical suggestions on how to go about satisfying them in an efficient manner. You will also be presented with examples of jurisdiction-specific details that global companies are most likely to encounter in the field, selected for illustrative purposes, but never for all 190+ countries. Once you have your bearings and you want to determine applicable details by country and situation, for example, whether you have to appoint a data protection officer in China, this Field Guide will refer you to other resources, listed at the back of the book, including Baker & McKenzie’s Global Privacy Handbook (available free of charge, the 2017 Edition covers 60+ jurisdictions).


Consider a few suggestions on how to use the Field Guide: If you got this book because you are tasked with designing or implementing a new data privacy compliance program, you could start with the following overview of ‘Key Terms’ and ‘Key Concepts’ for orientation, and then use the main five Chapters of the Field Guide for navigation. If you just want to get a quick read on a particular issue, you could look up buzz words in the Index at the end of the book to zoom in on a topic that concerns you. Or, if you are faced with a particular task, you could also try one of the following paths:

Task or issueGuidance
Draft a privacy policyCh. 3.1–3.8
Respond to data security breach Ch. 5 – Breaches of Data Security
Buy or sell cloud computing services Ch. 5 – Cloud Computing; Vendors
Ch. 3.9 – Agreements
Appoint data privacy officerCh. 1.1–1.2
Achieve compliance re. international data transfersCh. 2
Prepare filings for data protection authoritiesCh. 3.12
Conduct due diligence on M&A targets, vendorsCh. 4
Select network/employee monitoring toolsCh. 5 – Employee Data and Monitoring; Wiretapping
Deploy cookies, tracking technologies legallyCh. 5 – Advertising, Tracking
Comply with anti-spam lawsCh. 5 – Unsolicited Communications
Develop product, process or service Ch. 5 – Privacy by Design
Gather management supportCh. 5 – Rights, Remedies,
Enforcement; Y – Why Protect Privacy?