What better timing than less than two weeks after the release of the (poorly drafted) proposed Digital Omnibus to issue a (ground-shaking) judgment on the interplay between the old e‑Commerce Directive (ECD) and the General Data Protection Regulation (GDPR)? Here’s a freshly delivered ruling from the Court of Justice of the European Union (CJEU) that … Continue reading
Category Archives: GDPR
On Pancakes, Paper Pudding, and the Draft Digital Omnibus: What Happens Next?
I thought I was done with blogging. Yet if the leaked digital Omnibus achieved anything positive, it was to bring me back to joyful collage… which is worth explaining. As for what comes next, we’ll have to wait, and make time, to search for antidotes. This post is about pancakes and paper pudding, and how … Continue reading
content regulation / Copyright / Data protection / filtering / GDPR / Internet intermediaries / notice-and-action
The EU Commission and the tackling of illegal content: is more too much?
The European Commission (EC) Recommendation of 1.3.2018 on measures to effectively tackle illegal content online (C(2018) 1177 final) is now freely accessible. As readers know, this is not the first time the EC has attempted to express meaningful thoughts (for lack of a better word, as once again the instrument is not strictly speaking … Continue reading
Data Protection and data analytics: what is Art. 29 WP really saying to businesses wanting to innovate with data?
In three-month time, the General Data Protection Regulation (GDPR), will become applicable to many, if not all, data processing activities to which living individuals can be associated. Businesses operating in Europe have had about two years to prepare for this change. As readers know, even if the GDPR is a lengthy piece of … Continue reading
big data / Consumer data / GDPR / Legitimate interest / metadata / Privacy impact assessment / pseudonymisation
EU Article 29 Working Party consults on draft guidance on automated decision-making and profiling
“Computer says ‘No’”? …So, what exactly do the regulators think that the GDPR says in response? Last month, the Article 29 Working Party (Art.29 WP) announced that it is seeking feedback on draft Guidelines on automated individual decision-making including profiling (WP251) under the General Data Protection Regulation ((EU) 2016/679) (GDPR) in advance of its arrival … Continue reading
data controller / data protection agencies / facebook / GDPR / General Data Protection Regulation / Jurisdiction / liability / online platforms / Personal data / Social media
CJEU Advocate General opines on the definition of a data controller, applicable national law, and jurisdiction under data protection law
‘Cruise control for the social media age, or stuck in second gear?’ The issue of defining data controllership is “particularly thorny” says AG, and looking to become thornier as complete control is becoming less and less common in practice Last month, Advocate General (AG) Bot of the Court of Justice of the EU (CJEU) delivered … Continue reading