Glawischnig-Piesczek vs. Facebook Ireland Limited: CJEU determines that hosting provider may ordered to remove identical and equivalent comments to those which have already been declared illegal

The decision of the CJEU in this case in which a hosting provider can be required to remove content on a global level in the context of a EU Member State Court injunction within the framework of international law, exemplifies the global reach of European regulators with the Internet.   Here's a little background on the case ...

FTC Fines Google $170 Million USD for having violated the privacy of children on YouTube

The American Federal Trade Commission and the New York Attorney General reached a settlement with Google (YouTube) for having violated the American Federal Children's Online Privacy Protection Act (COPPA). YouTube was accused of illegally harvesting the data of children, tracking their browsing behaviour in order to offer them targeted advertising,, all without the consent ...

The importance of Data Protection in research

The Swedish Data Protection Authority recently launched an investigation into Umeå University's handling of sensitive personal data, specifically data obtained from the Danish Police Authority for research purposes. The Swedish Police Authority to the Data Inspectorate has alleged that the university sent the sensitive data in its possession via unencrypted email. Data protection in ...

Social plug-ins and joint controllership

The European Court of Justice in Case C-210/16, also known as the Fashion ID case, concerns the joint controllership relationship between Facebook and website operators that embed the Facebook “Like” button on their site.  Fashion ID GmbH & Co. KG, an online fashion retailer had the Like button on its website.  In order to better understand the ...

Don’t use consent for the processing of employee data! Greek DPA issues first fine under GDPR

The Hellenic DPA in Decision no 26/2019 decided that for personal data to be processed in compliance with the GDPR, all the principles outlined in Article 5(1) GDPR should be met. The Decision came to light after the DPA received complaints concerning the processing of PriceWaterhouseCoopers employee data where employees were required to provide their ...

ePrivacy Regulation updates

On 12 July 2019 the consolidated text of the forthcoming ePrivacy Regulation was made available. The document was published in light of the 17 July WP TELE (which will focus on articles 12-16 and related recitals) and covers the entire text of the proposed regulation. Of particular relevance, the definition of direct marketing communications ...

Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

Call for global agreement on Data Protection

I think that today is a good day to ask the future Members of the European Parliament and American Presidential Candidates to think about a global dimension of data protection and to commit themselves to develop international legislative instruments that have the power to truly enable world-wide digital citizenship.   Read my Letter addressed to the ...

Personal Data Protection as the New Competitive Edge: Generating Socially Responsible Corporate Behaviour

Last Friday I held my inaugural lecture as Professor of Privacy, Cybersecurity, and IT Contract Law at the Faculty of Law - European Centre for Privacy & Cybersecurity at Maastricht University. During my lecture I introduced the research activities that I would like to further develop at Maastricht University in a multidisciplinary setting that includes ...

The Automated Vehicle Safety Consortium and Fairness by Design

The Ford Motor Company, General Motors, the Toyota Motor Corporation, and SAE International have recently announced the formation of the Automated Vehicle Safety Consortium (AVSC) whose aim is to advance the safe development, testing and deployment of automated vehicles. The AVSC, according to SAE, "will provide a safety framework around which autonomous technology can responsibly evolve in ...