Host providers with actual knowledge of illegal activities must expeditiously (and worldwide) remove or disable access to the information, the ECJ held

  On October 3, 2019 in Case C-18/18, Eva Glawischnig-Piesczek v. Facebook Ireland Limited, the European Court of Justice (EDJ) held that — under Directive 2000/31, the Directive on electronic commer – cefor a platform (host provider) to be considered hosting provider (and so benefit from liability exception), while it must play a passive role (having no knowledge of the content), must […]

Right to be forgotten and Google – update

UPDATE: On September 24, 2019, the European Court of Justice ruled in favor of Google after the company appealed. The Court found that Google is not forced to censor its search results on a global scale and is only required to remove outdated or irrelevant links on its European sites. The ruling stated, “Currently, there […]

Tags:

ECJ holds by embedding social media plug-ins in website you may become a joint data controller with the social media provider

  On July 29, 2019, the Court of Justice of the European Union (ECJ) published its judgement in case C-40/17, holding – like Advocate General Bobek (see here) suggested – that an organization who embeds a Facebook “Like” button on its website may be considered a data controller. In this case, a German fashion online […]

Tags: ,

EDPB’s oral pleading before EU Court of Justice on Model Clauses preliminary ruling

On July 9, 2019, the Court of Justice of the European Union heard oral arguments on a landmark case concerning Facebook’s transfer of personal data from the EU to the US on the basis of the currently utilized “standard contractual clauses” (SCCs) mechanism. See here for more info. The oral hearing took place in front […]

Tags: ,

Update: oral hearing before the ECJ on Model Clauses preliminary ruling

On July 9, 2019, the European Court of Justice (CJEU) heard oral arguments on a landmark case concerning Facebook’s transfer of personal data from the EU to the US on the basis of the currently utilized “standard contractual clauses” (SCCs) mechanism. The CJEU’s decision — will have tangible consequences for businesses performing data transfers from […]

Tags:

The dissemination of sensitive data for defensive purposes doesn’t violate privacy without actual damages, Italian Supreme Court held

  On May 20, 2019, the Corte di Cassazione, the Italian Supreme Court, clarified that if the damage is not proven, there is no crime for the violation of privacy under the Italian Privacy Code (Article 167, Legislative Decree 196/2003). In this case, a father and a son were involved in a civil proceeding. The father […]

Tags: ,

Important question about the GDPR “one –stop shop” mechanism referred to the ECJ

On May 8, 2019, the Brussel’s Court of Appeal referred certain questions to the Court of Justice of the European Union (CJEU) to ensure that the Belgian Data Protection Authority (DPA) can pursue the case against Facebook also after the GDPR entered into force. In particular, the questions is whether the one-stop shop mechanism (which […]

Tags: ,

UK DPA fined “parenting club” company for violation of the principle of “fairness” in processing

  On April 9, 2019, the UK Data Protection Authority, the Information Commissioner Officer (ICO), served a monetary penalty notice under section 55A of the Data Protection Act 1998 (DPA) of around $ 520,000. The fined company (Bounty) shared the personal data of over 14 million individuals to a number of organizations including credit reference […]

Tags: ,

1 2 3 10