Latest Entries
content regulation / Copyright / defamation / filtering / hate speech / Human rights / Internet intermediaries / Law enforcement / liability / notice-and-action / notice-and-take down / terrorism

The EU approach to content regulation online: tackling (il)legal content online with upload and re-upload filters!

Posted on by 3 Comments

Intermediary liability has been up until now a never-ending story. For the past two years, we have been regularly fed with communications, codes of conduct, legislative proposals, as well as soft but loud encouragements, from national governments targeting online platforms and asking them to do much more to tackle illegal content such as child sexual … Continue reading

Data retention / Human rights / Intelligence and security agencies / interception / Jurisdiction / mass surveillance / national security / Security / terrorism

Questions on UK bulk communications data capabilities referred to the EU Court of Justice

Posted on by 1 Comment

The validity of EU Member State legislation to collect and analyse bulk communications (meta)data about us by the security agencies continues to be vexed by questions over the application of EU privacy law requirements The UK Investigatory Powers Tribunal (IPT) has this month referred questions to the EU Court of Justice (CJEU) in a decision … Continue reading

Consumer data / Cybersecurity / Internet of Things / national security / Risk-based approach

Governments push on with Cybersecurity Law and Policy Initiatives – an Overview so far in 2017

Posted on by Leave a comment

Another day, another massive personal data security breach… but how have law-makers and regulators reacted in developing cyber-security policies so far this year? This week it was reported that Equifax – the US credit bureau – suffered a giant cybersecurity breach this summer compromising the personal information (including names, social security numbers, birth dates, addresses, … Continue reading

Human rights / mass surveillance / safe harbour / Surveillance

CJEU rules EU-Canada PNR Agreement incompatible with EU Charter rights to privacy and personal data protection

Posted on by Leave a comment

EU data protection/privacy laws continue to keep this international Air Passenger data agreement ‘grounded from taking flight’, but what effect could the decision have on similar data agreements already concluded with the EU? On 26 July, the European Court of Justice (CJEU) declared that the EU-Canada Passenger Name Record (PNR) Agreement is incompatible with EU … Continue reading

Data protection / General Data Protection Regulation / Personal data

Advocate General Delivers Opinion on Whether Examination Scripts Are Personal Data under Data Protection Law

Posted on by Leave a comment

Exam scripts are personal data, says the AG, when the purpose it is to identify and record the performance of a particular individual; but that doesn’t mean you can go back and change your answers! On 20 July 2017, the EU Court of Justice’s Advocate General (AG) Kokott delivered her opinion in Peter Nowak v … Continue reading

Data protection / General Data Protection Regulation / ICO / misuse of private information

The GDPR, the parallel regime and the ICO

Posted on by 2 Comments

The General Data Protection Regulation (GDPR) will be applicable in less than a year, and experts are still discussing the extent to which the new regulation will have a significant impact upon the ‘legal basis’ requirement. However, as Bob Miller suggests in this guest blog post, it might not be enough to read and re-read … Continue reading

audiovisual media services / content regulation / illegal content / Internet intermediaries

On Article 28a and the proposal to extend the AVMSD: is it time to be pessimistic?

Posted on by 1 Comment

The proposal to extend the Audiovisiual Media Services Directive (AVMSD) continues along its legislative path. We are now entering the trilogue negotiations phase, and, after having read the unrelated [at least at first glance] G7 Taormina Statement on the fight against terrorism and violent extremism, I am re-reading  the  text of the Proposal for a … Continue reading

information society services / Internet intermediaries

The politics of online platforms: when AG Szpunar converses with the EC in Elite Taxi v Uber.

Posted on by 3 Comments

Advocate General Szpunar (AG) delivered yesterday his opinion in the highly political and much awaited case C‑434/15 Asociación Profesional Elite Taxi v Uber Systems Spain SL. In a nutshell, the AG was asked to answer four questions concerning two important milestones of the European Union (EU) acquis: the E-commerce Directive of 2000 and the services … Continue reading

General Data Protection Regulation / illegal content / Internet intermediaries / Legitimate interest / Personal data

The CJEU and the concept of ‘legitimate interest’: The case of Rīgas satiksme

Posted on by 1 Comment

The Court of Justice of the European Union (CJEU) delivered its awaited judgment on 4 May in the case Valsts policijas Rīgas reģiona pārvaldes Kārtības policijas pārvalde v Rīgas pašvaldības SIA ‘Rīgas satiksme’, answering two related questions: ‘(1)      Must the phrase ‘is necessary for the purposes of the legitimate interests pursued by the … third party … Continue reading

big data / Data protection / data protection agencies / General Data Protection Regulation / Privacy impact assessment / Risk-based approach / sensitive data

New EU Guidelines on Data Protection Impact Assessments

Posted on by Leave a comment

Assessing the likelihood of a ‘deep impact’ – but how ‘deep’ is ‘deep enough’ and by whose standards? In other words, how exactly do you develop a methodology for determining whether processing is “likely to result in a high risk” to data subjects under the GDPR? Draft guidelines on conducting data protection impact assessments (DPIAs) … Continue reading