So, 2017 is full of promises! One of them is the proposed ePrivacy Regulation (officially, ‘Regulation on Privacy and Electronic Communications’) that the European Commission (EC) has suggested should replace the existing, old fashioned ePrivacy Directive (Directive 2002/58/EC on Privacy and Electronic Communications). The proposed ePrivacy Regulation – which would represent a signficant evolution in … Continue reading
Tag Archives: data retention
Access to data / content data / Data protection / Data retention / Internet intermediaries / ISPs / mass surveillance / metadata / national security
The CJEU in Tele2 Sverige: are general(ised) data retention obligations incompatible with EU law?
Christmas was particularly festive for privacy advocates with the Court of Justice of the European Union (CJEU) judgement in the joint cases C‑203/15 Tele2 Sverige AB v Postoch telestyrelsen and C‑698/15 Secretary of State for the Home Department v Secretary of State for the Home Department and the leak of the European Commission’s upgraded version … Continue reading
Data retention / Data transfer / Human rights / Law enforcement / safe harbour / Security / Surveillance
CJEU Advocate General opines on the compatibility of EU-Canada PNR Agreement with EU Charter rights to privacy and personal data protection
We’ve heard it before, and we’ll hear it again… ‘How can interference with fundamental EU rights to privacy and personal data protection be justified when it comes to mass-automated data processing?’ In other words, to what extent will the EU Charter of Fundamental Rights keep this international agreement grounded before it can take flight? Earlier … Continue reading
Bulk Personal Datasets and the ‘Spectre’ of Pervasive Surveillance Concerns Back in the Spotlight with the Investigatory Powers Bill
Are proposals to introduce oversights over state powers to obtain, analyse, and retain mass sets of personal details sufficient to alleviate concerns where they include data about individuals unconnected to investigations? Much has been written about the UK government’s proposed new Investigatory Powers Bill (IPB) since it was published for consultation by the Home Office, … Continue reading
Access to data / content data / Data protection / Data retention / deep packet inspection / ISPs / Law enforcement / metadata / Personal data / Privacy / Surveillance
The Draft IP Bill and data retention obligations: on the irony of the invalidation of the Data Retention Directive
The Draft Investigatory Powers (IP) Bill was published on the 4th of November. It aims to “govern the use and oversight of investigatory powers by law enforcement and the security and intelligence agencies” in the UK. It is an attempt both to simplify the legal framework and legalise practices, which means it is, in part, … Continue reading
Weber, DRI and Schrems: so what are “measures of mass surveillance”? And what should we do with them? A tale of 2 Courts
While the Court of Justice of the European Union (CJEU) in its recent judgment Schrems v Data Protection Commissioner (discussed here), does not mention the words “measures of mass surveillance” it states that it is concerned about measures “authoris[ing], on a generalised basis, storage of all the personal data of all the persons”. By way … Continue reading
EU Parliament agrees to commence finalising the Passenger Name Record Directive in light of added data protection safeguards
Questions asked about the necessity and proportionality of yet another state scheme authorising the bulk sharing of personal data, and its storage, for risk assessment purposes – Will the EU get it right this time? In light of the growing threat posed by Islamic State militants, the issue of the EU air travel industry’s passenger … Continue reading
The Davis judgement: does Article 8 of the European Charter go beyond Article 8 of the ECHR?
Here we are! The last episode of the UK saga “and what do we do with data retention laws” has been issued by the English High Court, with its judgement in the case David Davis MP, Tom Watson MP, Peter Brice, Geoffrey Lewis v The Secretary of State for the Home Department [2015] EWHC 2092 … Continue reading
ISPs: data controllers as well as mere conduits? Does this make sense? What do we do with the e-privacy Directive if we care?
So here we are, the English Court of Appeal, as it has been explained by Alison in her post, has recently held in the Google v Vidal-Hall case, among other things, that there was a serious issue to be tried that Browser-Generated Information (BGI) is personal data under the Data Protection Act of 1998 (DPA), … Continue reading
Two Parliamentary reports give unique insight into the operations of the UK intelligence services, while advocating for overhaul of “piecemeal and “unnecessarily complicated” surveillance rules
Call for more transparency in UK surveillance legal regime accompanied by revelations regarding the existence of ‘bulk personal datasets’ Two important reports were presented to Parliament in March. They represent a landmark in terms of the level of transparency they provide surrounding the activities of the UK intelligence and security agencies. The reports are: The … Continue reading