Glawischnig-Piesczek vs. Facebook Ireland Limited: CJEU determines that hosting provider may ordered to remove identical and equivalent comments to those which have already been declared illegal

The decision of the CJEU in this case in which a hosting provider can be required to remove content on a global level in the context of a EU Member State Court injunction within the framework of international law, exemplifies the global reach of European regulators with the Internet.   Here's a little background on the case ...

CJEU rules that the prohibition on processing certain categories of sensitive personal data applies also to operators of search engines

In Case C-136/17 GC and Others v Commission nationale de l'informatique et des libertés (CNIL), the CJEU determined that the prohibition on processing certain categories of sensitive personal data applies also to operators of search engines and that in the context of a request for de-referencing, a balance must be struck between the fundamental rights ...

CJEU rules storing cookies requires internet users’ active consent and therefore a pre-ticked checkbox is insufficient

The Court of Justice of the European Union in its Judgment in Case C-673/17 Bundesverband der Verbraucherzentralen und Verbraucherverbände ̶ Verbraucherzentrale Bundesverband eV v Planet49 GmbH, confirmed "that the consent which a website user must give to the storage of and access to cookies on his or her equipment is not validly constituted by way ...

Social plug-ins and joint controllership

The European Court of Justice in Case C-210/16, also known as the Fashion ID case, concerns the joint controllership relationship between Facebook and website operators that embed the Facebook “Like” button on their site.  Fashion ID GmbH & Co. KG, an online fashion retailer had the Like button on its website.  In order to better understand the ...

Spain and Greece referred to CJEU for not transposing EU data protection rules into national law

The European Commission has referred Greece and Spain to the Court of Justice of the EU for failing to transpose the Data Protection Law Enforcement Directive, Directive (EU) 2016/680into their national law, which should have occurred by 6 May 2018.  The purpose of the Directive is to ensure a high level of data protection and facilitate the exchanges of personal data ...

Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

Starting from July requests for preliminary rulings involving natural persons will be anonymised

By No tags Permalink 0

In light of the GDPR and the forthcoming law that will be applicable to European Union institutions, on 29 June 2018 the Court of Justice announced that it will anonymise the personal data of natural persons in preliminary ruling requests. The decision reflects principles enshrined in the GDPR such as the right to be forgotten and is warmly welcomed. Read ...

European Union Agency for Fundamental Rights Releases its “Handbook on European data protection law – 2018 edition”

The European Union Agency for Fundamental Rights has released the updated 2018 edition of the "Handbook on European data protection law" which provides us with an understanding of the European Union and Council of Europe's applicable data protection legal frameworks. The handbook is particularly useful in that in addition to providing an overview of EU data protection law, it ...

EU-Canada PNR Agreement is incompatible with EU fundamental rights

The Court of Justice of the European Union recently issued an opinion determining that the agreement envisaged between the EU and Canada on the transfer of Passenger Name Record (PNR) data may not be concluded in its current form, since several provisions of the draft agreement don't meet requirements stemming from the fundamental rights of the European ...

The Case of Standard Contractual Clauses: The Irish Data Protection Commissioner & Max Schrems

“The supervisory authorities should have the power to prohibit or suspend a data transfer or a set of transfers based on the standard contractual clauses in those exceptional cases where it is established that a transfer on contractual basis is likely to have a substantial adverse effect on the warranties and obligations providing adequate protection ...