On 11 November 2020, the Court of Justice of the European Union (CJEU) in Orange România SA v Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP) (Case C-61/19) delivered its preliminary ruling on the issue of valid consent under the General Data Protection Regulation 2016/679/EU (GDPR) and Directive 95/46/EC. You can read the judgment here.

The CJEU held that a printed contract for mobile telecommunication services containing a clause stating that the customer has consented to the collection and storage of their identity documents does not constitute valid consent where the box referring to that clause has been pre-ticked by the data controller before the contract was signed.

The case follows up on the previous ruling in Planet49 (Case C-673/17) on which we commented last year here and here.Continue Reading CJEU delivers judgment on conditions for valid consent in an offline context

In a recent request for a preliminary ruling in a case concerning Amazon, the Advocate General Pitruzzella (AG) has given his opinion that the Consumer Rights Directive (2011/83/EU) (CRD) requires traders to offer their consumers a choice of means of communication, but this is not confined to the trader’s telephone number. The CRD includes the trader’s telephone number, fax number and e-mail address, “where available, to enable the consumer to contact the trader quickly and communicate with him efficiently”. The AG clarified that this is therefore not limited to a telephone number, and accordingly traders may use other means of communication with consumers as long as they are consistent with the technical means of the transaction being made.

Online trades imply sufficient knowledge of interacting over the internet

The Federation of German Consumer Organisations (Verbraucherzentrale Bundesverband) brought a claim asserting that Amazon did not offer sufficient contact channels to its consumers before the conclusion of an online sale – in spite of the online sales platform’s automated call-back facility and online chat service. There was a particular concern that consumers were not provided with the company’s fax number and were also prompted to follow an identity-verification process before they could have access to Amazon’s general helpline telephone number.Continue Reading Must online traders provide consumers with a contact telephone number? Advocate General says no…t necessarily

On 19 December 2018, the Advocate General (AG) delivered an opinion in a case concerning Fashion ID and Facebook, which considered the parties’ status as joint controllers, under the Data Protection Directive 95/46/EC (DP Directive), when a social plug-in had been embedded.

Fashion ID’s website inserted Facebook’s ‘Like’ button as a plug-in, allowing personal data, such as the user’s IP address and browser journey, to be transferred to Facebook regardless of whether the user clicked on the Facebook Like button. A consumer protection association brought a claim against Fashion ID, arguing that the use of the Facebook Like button was a breach of data protection laws.

The AG’s opinion focuses on four main areas. The first proposal within that opinion is that the DP Directive did not preclude national legislation granting standing to public service associations for them to protect consumers. The remaining three proposals are discussed further below.Continue Reading Social plug-ins – Advocate General issues opinion on joint controllership case