The topic of ‘anonymisation’ has already been covered several times on the blog (see e.g. here, here, and here). We even have a new research paper (‘Anonymous Data v. Personal Data — A False Debate: An EU Perspective on Anonymization, Pseudonymization and Personal Data’) recently published in the Wisconsin International Law Journal on this issue … Continue reading
Category Archives: Privacy
Data Protection & Intermediary liability: how do the French do it?
While the scope of intermediary liability exemptions is being discussed in several places around Europe (and beyond), it is interesting to go back to the Overblog legal saga, which a few years ago had been described by some as pre-announcing other popular sagas, such as the infamous Google Spain case (discussed in a previous post … Continue reading
The proposed ePrivacy Regulation: When the EC converses with the CJEU…
So, 2017 is full of promises! One of them is the proposed ePrivacy Regulation (officially, ‘Regulation on Privacy and Electronic Communications’) that the European Commission (EC) has suggested should replace the existing, old fashioned ePrivacy Directive (Directive 2002/58/EC on Privacy and Electronic Communications). The proposed ePrivacy Regulation – which would represent a signficant evolution in … Continue reading
Open Letter to the European Commission – On the Importance of Preserving the Consistency and Integrity of the EU Acquis Relating to Content Monitoring within the Information Society
This is not just another post on the proposed Copyright Directive released on 14 September 2016 (Proposal for a Directive of the European Parliament and of the Council on copyright in the Digital Single Market discussed in my previous post here) and others hard and/or soft law initiatives coming from the European Commission (see for … Continue reading
anonymisation / big data / Data protection / General Data Protection Regulation / ICO / Personal data / Privacy / pseudonymisation / research / Risk-based approach / sensitive data
The First-Tier Tribunal and the anonymisation of clinical trial data: a reasoned expression of Englishness…. which would have to be abandoned with the GDPR?
The Queen Mary University of London v (1) The Information Commissioner and (2) Alem Matthees, EA/2015/0269 case decided by the First-Tier Tribunal (Information Rights) (FTT(IR)) on 12 August 2016 is a fascinating decision. [Could it be a stylish expression of Englishness…. or otherness?] The case-facts concern a freedom of information request for clinical trial patient data … Continue reading
anonymisation / big data / Data protection / General Data Protection Regulation / Geo-location data / Personal data / Privacy / Privacy impact assessment / pseudonymisation
Location Data and Making Sense of the Goldilocks Paradox of Legal Anonymisation (too much, too little or just right…?)
Collect, delete, repeat …. From ‘Where I am’ to ‘Who I am’, and back again? To pick up the thread from my previous posts on the topic of location data here and here, this final piece in the set returns to the first theme I discussed. This relates to the legal debate over when location … Continue reading
I link, he delists and they get entangled in! Re-mixing copyright, trade marks and data protection while waiting for the CJEU’s decision in GS Media…
Some of you certainly remember the Google v Vuitton case decided by the CJEU some years ago now, in 2010, which was a case about trade mark infringement. (Sometimes it is useful to go back to the roots!) To make the story short, the case involved the use of keywords corresponding to trade marks in … Continue reading
anonymisation / big data / Data protection / data protection agencies / European Data Protection Supervisor / General Data Protection Regulation / ICO / Privacy / pseudonymisation / Risk-based approach
The GDPR and the biggest mess of all: why accurate legal definitions really matter….
Issued last week, here is what seems to be the final version of the General Data Protection Regulation (the GDPR)! This 6 April 2016 version, likely to be adopted by the European Parliament this week, is now in the kiosks! HIP HIP HOORRAY I hear you thinking, either ironically because more than 4 years of … Continue reading
MTE v Hungary: is the ECtHR rewriting Delfi v Estonia?
A few months after the now infamous decision Delfi v Estonia of the Grand Chamber of the European Court of Human Rights (ECtHR) [for background, see my earlier post here], the Fourth Section of the Court issued on 2 February 2016 a judgement (MTE v Hungary) dealing with similar issues. Starting with the end of … Continue reading
Access to data / Breach notification / Data protection / Data retention / General Data Protection Regulation / Law enforcement / Personal data / Privacy / Privacy impact assessment / Surveillance
Article 29 WP and the draft directive on the processing of personal data by law enforcement agencies: has Article 29 WP been heard?
Last month, the Permanent Representatives Committee (Coreper) of the Council of the EU the compromise texts agreed with the European Parliament on data protection reform. As a reminder, the reform is a legislative package concerning two legislative instruments: the second of which discussed here (and far less catching the press headlines than the General Data … Continue reading