The UK’s “data challenge” to the EU

This blog post is a re-elaboration of my interview this morning with Luca Bertuzzi, Digital & Media Editor from EurActiv, available here. Today the UK unveiled its “post-Brexit global data plans to boost growth, increase trade and improve healthcare”, which also include a multi-billion pound partnership with the US, Australia and the Republic of Korea.  Secretary of State ...

Organizations are left with no practical legal grounds to transfer personal data to the United States. “A new age of data transfers” Part III

After the official statements of the European Data Protection Board (EDPB) and several Supervisory Authorities (SAs), it is clear that at the moment there is no practical way for data to lawfully flow from the EU to the US. The reasoning in 5 steps: On 16 July 2020 the Court of Justice of the European Union (CJEU) invalidated the European ...

Glawischnig-Piesczek vs. Facebook Ireland Limited: CJEU determines that hosting provider may ordered to remove identical and equivalent comments to those which have already been declared illegal

The decision of the CJEU in this case in which a hosting provider can be required to remove content on a global level in the context of a EU Member State Court injunction within the framework of international law, exemplifies the global reach of European regulators with the Internet.   Here's a little background on the case ...

CJEU rules that the prohibition on processing certain categories of sensitive personal data applies also to operators of search engines

In Case C-136/17 GC and Others v Commission nationale de l'informatique et des libertés (CNIL), the CJEU determined that the prohibition on processing certain categories of sensitive personal data applies also to operators of search engines and that in the context of a request for de-referencing, a balance must be struck between the fundamental rights ...

CJEU rules storing cookies requires internet users’ active consent and therefore a pre-ticked checkbox is insufficient

The Court of Justice of the European Union in its Judgment in Case C-673/17 Bundesverband der Verbraucherzentralen und Verbraucherverbände ̶ Verbraucherzentrale Bundesverband eV v Planet49 GmbH, confirmed "that the consent which a website user must give to the storage of and access to cookies on his or her equipment is not validly constituted by way ...

Social plug-ins and joint controllership

The European Court of Justice in Case C-210/16, also known as the Fashion ID case, concerns the joint controllership relationship between Facebook and website operators that embed the Facebook “Like” button on their site.  Fashion ID GmbH & Co. KG, an online fashion retailer had the Like button on its website.  In order to better understand the ...

Spain and Greece referred to CJEU for not transposing EU data protection rules into national law

The European Commission has referred Greece and Spain to the Court of Justice of the EU for failing to transpose the Data Protection Law Enforcement Directive, Directive (EU) 2016/680into their national law, which should have occurred by 6 May 2018.  The purpose of the Directive is to ensure a high level of data protection and facilitate the exchanges of personal data ...

Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

Starting from July requests for preliminary rulings involving natural persons will be anonymised

By No tags Permalink

In light of the GDPR and the forthcoming law that will be applicable to European Union institutions, on 29 June 2018 the Court of Justice announced that it will anonymise the personal data of natural persons in preliminary ruling requests. The decision reflects principles enshrined in the GDPR such as the right to be forgotten and is warmly welcomed. Read ...

European Union Agency for Fundamental Rights Releases its “Handbook on European data protection law – 2018 edition”

The European Union Agency for Fundamental Rights has released the updated 2018 edition of the "Handbook on European data protection law" which provides us with an understanding of the European Union and Council of Europe's applicable data protection legal frameworks. The handbook is particularly useful in that in addition to providing an overview of EU data protection law, it ...