We’ve heard it before, and we’ll hear it again… ‘How can interference with fundamental EU rights to privacy and personal data protection be justified when it comes to mass-automated data processing?’ In other words, to what extent will the EU Charter of Fundamental Rights keep this international agreement grounded before it can take flight? Earlier … Continue reading
Privacy shields doubling as privacy swords? … While “the best defence” may also make a “good offence” (or, “offense”, as our US counterparts would call it), first you need to be confident that your defence strategy works! Last Friday, a statement was made by EU Vice-President Ansip and Justice Commissioner Vera Jourová announcing the adoption … Continue reading
…But, will the highly anticipated EU-US ‘Privacy Shield’ live up to its super-hero billing? Last month proved to be a particularly busy time for data protection news. First, the Council of the EU adopted a political agreement on the texts that will form part of the new Data Protection Reform Package. Also hitting headlines was … Continue reading
The CJEU has definitely been very bold in its recent decision in Schrems v Data Protection Commissioner. While the judgement of the CJEU is more convincing than the opinion of the Advocate General (see my posts here and here), it is obviously not perfect. [But I wonder, perhaps naively: shouldn’t the CJEU’s decision be seen … Continue reading
While the Court of Justice of the European Union (CJEU) in its recent judgment Schrems v Data Protection Commissioner (discussed here), does not mention the words “measures of mass surveillance” it states that it is concerned about measures “authoris[ing], on a generalised basis, storage of all the personal data of all the persons”. By way … Continue reading
With Schrems and safe harbours in the spotlight, what does the conclusion of a US-EU umbrella agreement actually mean for EU citizens and US-EU relations? With news in Sophie’s recent post here on the recent judgement of the CJEU in Schrems v Data Protection Commissioner, the purpose of this post is to discuss the recent … Continue reading
How should online businesses determine which data protection laws to comply with, and how should multiple claims to jurisdiction over the national application of data protection laws be resolved? Much has been written in the last week about the ruling of the Court of Justice of the EU (CJEU) in holding that EU Commission Decision … Continue reading
Here we are: less than 2 weeks after the issuance of the opinion of the Advocate General (AG) Bot in the case Schrems v Data Protection Commissioner (see my post here) the Court of Justice of the European Union (CJEU) declared today that the US-EU safe harbour framework was invalid! While this is definitely one … Continue reading
Advocate General (AG) Bot delivered his awaited opinion on 23 September 2015 in the case C-362/14 Maximillian Schrems v Data Protection Commissioner. As readers might remember (see my previous post here), the Irish High Court had made a reference for a preliminary ruling back in 2014. [For background, talented Austrian Facebook user, Maximillian Schrems complained … Continue reading
As explained in an earlier post, the Court of Justice of the European Union (CJEU) issued on 16 April 2015 its preliminary ruling in the case of Willems and Others v Burgemeester van Nuth and Others C-446-12 to C-449/12 (Willems) concerning the interpretation of an EU Regulation (2252/2004, ‘the Regulation’) on standards for security features and biometrics … Continue reading