Conseil d’Etat requests preliminary ruling from CJEU on Right to be Forgotten

The right to be forgotten has been judicially recognized by the CJEU with the Google Spain judgment  (Case C-131/12). According to the judgement, Europeans have the right to disappear from search engine’s results under certain conditions. The National Commission of Information Technologies and Liberties (CNIL), Commission nationale de l’informatique et des libertés, rejected some complaints […]

Tags: ,

Does the GDPR Apply to My Organization? The “Extraterritoriality” of the New European Data Protection Regulation

Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR) repeals Directive 95/46/EC and expands on the protection of natural persons with regard to the processing of personal data and the free movement of such data. The GDPR will come into force in May 2018 and will have an expanded territorial scope of application compared to […]

Tags:

So much promise, so little delivery …, i.e. why the Privacy Shield might not matter much for the biggest American businesses (read: tech-giants)

After the October 6, 2015, European Court of Justice’s annulment of the Safe Harbor decision of adequacy (Maximilian Schrems v. Data Protection Commissioner), the European Data Protection Authorities (DPAs) gave businesses until January 31, 2016, for the start of enforcement of the Schrems’ decision (see here). The Safe Harbor Scheme had been used for almost 15 years as […]

Francesca Giannoni-Crystal, so much promise, so little delivery …, i.e. why the Privacy Shield might not matter much for the biggest American businesses (read: tech-giants)

After the October 6, 2015, European Court of Justice’s annulment of the Safe Harbor decision of adequacy (Maximilian Schrems v. Data Protection Commissioner), the European Data Protection Authorities (DPAs) gave businesses until January 31, 2016, for the start of enforcement of the Schrems’ decision (see here). The Safe Harbor Scheme had been used for almost 15 years as the […]

Tags: , ,

Francesca Giannoni-Crystal, The rationale of Advocate General Bot’s Opinion in Schrems: why the Safe Harbor Decision is invalid

On September 23, Advocate General Yves Bot at the European Court of Justice (“AG”) released his Opinion in C-362/14 (Maximilian Schrems v. Data Protection Commissioner). Waiting for the decision of the European Court of Justice – expected on October 6 – and keeping in mind that the Court follows the Advocate General’s opinions 80% of […]

Tags: ,

EU data protection jurisdiction may be triggered by the physical presence of one worker, Advocate General opines in Weltimmo case

On June 25, 2015, the advocate general of the Court of Justice of the European Union (“ECJ”) filed his opinion in the case 230/14, Weltimmo s.r.o. v Nemzeti Adatvédelmi és Információszabadság Hatóság (“Weltimmo”). According to the Advocate General, in order to determine which EU data protection law applies, authorities shall consider where the companies’ activity […]

Tags: ,

WP29’s Guidelines on the “right to be forgotten” – De-listing on all domains (including .com) required

On November 26, 2014, Article 29 Working Party (“WP29”) published the Guidelines for the implementation of the European Court of Justice (“ECJ)’s recent decision in the Costeja case, C-131/12 (“right to be forgotten” decision), holding that data subjects have a right to obtain the de-listing of links appearing in the search results based on a person’s name. Most […]

Tags: ,

1 2 3