Privacy shields doubling as privacy swords? … While “the best defence” may also make a “good offence” (or, “offense”, as our US counterparts would call it), first you need to be confident that your defence strategy works! Last Friday, a statement was made by EU Vice-President Ansip and Justice Commissioner Vera Jourová announcing the adoption … Continue reading
Tag Archives: CJEU
anonymisation / big data / Data protection / General Data Protection Regulation / Internet intermediaries / metadata / pseudonymisation / Risk-based approach / Surveillance
Mind the Caveats – CJEU Advocate General opines that Dynamic IP Addresses can be Personal Data … (sometimes)
“I am not a number …” – but to what extent does EU data protection law deem that I am identifiable from one if someone somewhere could link it back to me at a single point in time? The Court of Justice of the EU (CJEU) has been hearing arguments in a case involving the … Continue reading
I link, he delists and they get entangled in! Re-mixing copyright, trade marks and data protection while waiting for the CJEU’s decision in GS Media…
Some of you certainly remember the Google v Vuitton case decided by the CJEU some years ago now, in 2010, which was a case about trade mark infringement. (Sometimes it is useful to go back to the roots!) To make the story short, the case involved the use of keywords corresponding to trade marks in … Continue reading
Latest Policy Guidance Published on Data Protection and Location Analytics Data
‘We Know Where You Are’ to ‘We Know Who You Are’ … How far are the risks involved with processing information collected from geo-location technologies alleviated by data protection rules? With the wide uptake of smart mobile devices and the rapid development of location-based apps and services, all kinds of geographic information about us are … Continue reading
EU Commission publishes Legal Texts of New ‘Privacy Shield’ Framework for Trans-Atlantic Data Transfers
…But, will the highly anticipated EU-US ‘Privacy Shield’ live up to its super-hero billing? Last month proved to be a particularly busy time for data protection news. First, the Council of the EU adopted a political agreement on the texts that will form part of the new Data Protection Reform Package. Also hitting headlines was … Continue reading
UK Codes of Practice Enacted to Develop Regulation of State Surveillance Powers
Law and policy regarding the capture of communications data continues to dominate the headlines for 2016 The European Data Protection Day, and the equivalent US/Canadian Data Privacy Day, coincided last week on 28 January. Their purpose – this year in the 10th edition of their kind, corresponding to the anniversary of the opening for signature … Continue reading
DPAs or national supervisory authorities and the CJEU in Schrems: what does it mean to “engage in legal proceedings”?
The CJEU has definitely been very bold in its recent decision in Schrems v Data Protection Commissioner. While the judgement of the CJEU is more convincing than the opinion of the Advocate General (see my posts here and here), it is obviously not perfect. [But I wonder, perhaps naively: shouldn’t the CJEU’s decision be seen … Continue reading
Weber, DRI and Schrems: so what are “measures of mass surveillance”? And what should we do with them? A tale of 2 Courts
While the Court of Justice of the European Union (CJEU) in its recent judgment Schrems v Data Protection Commissioner (discussed here), does not mention the words “measures of mass surveillance” it states that it is concerned about measures “authoris[ing], on a generalised basis, storage of all the personal data of all the persons”. By way … Continue reading
Sick of hearing about safe harbours? What about Weltimmo?! – CJEU decision raises prospects for companies operating web services across the EU being subject to multiple data protection authorities
How should online businesses determine which data protection laws to comply with, and how should multiple claims to jurisdiction over the national application of data protection laws be resolved? Much has been written in the last week about the ruling of the Court of Justice of the EU (CJEU) in holding that EU Commission Decision … Continue reading
On Willems et al. v Burgemeester van Nuth and the processing of personal data by law enforcement agencies…If only the CJEU had been more prolix….
As explained in an earlier post, the Court of Justice of the European Union (CJEU) issued on 16 April 2015 its preliminary ruling in the case of Willems and Others v Burgemeester van Nuth and Others C-446-12 to C-449/12 (Willems) concerning the interpretation of an EU Regulation (2252/2004, ‘the Regulation’) on standards for security features and biometrics … Continue reading