On 5 February 2015, the Article 29 EU Data Protection Working Party (WP) issued a letter addressed to Paul Timmers – the Director of Sustainable and Secure Society at the European Commission. Within the Annex of this letter, the WP identifies relevant criteria to determine when data processed by lifestyle and wellbeing apps and devices … Continue reading
Author Archives: Sophie Stalla-Bourdillon
The (EU Parliament) Legal Service’s opinion on the impact of the invalidity of the data retention Directive…. Is the wind starting to blow?
On 8 January, the legal service of the European Parliament released an opinion, the purpose of which was to answer 9 questions posed by its LIBE Committee (Civil Liberties, Justice and Home affairs), as regards the effect of the judgment of CJEU in the landmark Digital Ireland (DRI) case of 8 April 2014 on the … Continue reading
Access to data / content data / Data protection / interception / Internet intermediaries / Law enforcement / metadata / Privacy
What if Commissioners could be heard by the right people? Why DRIPA is getting muddier and muddier…
Just before Christmas, the UK Interception of Communications Commissioner’s Office (IOCCO) published online its submission for the Investigatory Powers Review. It is a 51 p. document full of interesting things. The purpose of this post is to highlight the main points made by the IOCCO with a view to clarifying the debate as regards the … Continue reading
Usurpation of identity à la française: the first application of Article 226-4-1 of the French Penal Code
The French LOPSSI 2 Act of 2011 [LOPSSI stands for Loi d’Orientation et de Programmation pour la Performance de la Sécurité Intérieure] introduced into the French Penal Code a new Article 226-4-1 to criminalise the “act of usurping the identity of an individual or the act of using one piece or several pieces of data … Continue reading
A structured overview of the Article 29 Working Party’s guidelines on the implementation of the right to … alter the structured overview of data-subject information generated by search engines (the so-called ‘right to be forgotten’)
The Article 29 Data Protection Working Party adopted on 26 November 2014 its guidelines on the implementation of the controversial Court of Justice of the European Union (CJEU) judgment on Google Spain v. AEPD and Costeja (C-131/12). In that case, the CJEU ruled on three questions concerning the interpretation of the Data Protection Directive … Continue reading
Data protection / Internet intermediaries / Law enforcement / Privacy / Surveillance / video surveillance
CJEU interprets the concept of ‘in the course of a purely personal or household activity’ and indirectly delineates the remit of the Data Protection Directive
In its judgement of 11 December 2014 (Case C-212/13 František Ryneš v Úřad pro ochranu osobních údajů) the Court of Justice of the European Union (CJEU) had to answer “a very precise” question [to use the words of Advocate General JÄÄSKINEN]: “Can the operation of a camera system installed on a family home for the … Continue reading
Are the Europeans that different from the Americans? Can online service providers rely upon their privacy policies to systematically gather the metadata and content data of online communications in order to detect all sorts of illegal activities and let law enforcement bodies know?
That online service providers (OSPs), including Internet Service providers (ISPs), can do almost all what they want with our data, as long as they have a “decent” privacy policy, has just been confirmed in the US by the very recent decision of the District Court for the Southern District of New York. I have already … Continue reading
Could the Counter-Terrorism and Security Bill really change things for online service providers?
The Counter-Terrorism and Security Bill (CTSB) was introduced in the House of Commons on 26 November 2014 as a way to “address the capabilities gap the authorities face when it comes to communications data” says Theresa May. In particular, the aim is to “require internet providers to retain Internet Protocol – or IP – address … Continue reading
Retaining IP addresses for network security purposes… What does data protection law have to say?
It has already been announced by a few German-speaking commentators (here and here) that the Court of Justice of the European Union (CJEU) has been asked two very interesting questions by the German Federal Court of Justice (BGH) in its decision of 28 October 2014 [as mentioned in German here]: Whether dynamic IP addresses are … Continue reading
Metadata, content data almost the same thing? Yes, implies a N.Y. District Court! But is it for good or bad?
Shira A. Scheindlin, a District Judge from the United States District Court for the Southern District of New York issued a very interesting opinion on 28 October 2014 for those eager to know if the distinction between metadata and content data does make sense [members of the Peep Beep! team have already took their pens … Continue reading