Tag Archives: CJEU

CJEU rules Digital Rights Ireland’s Privacy Shield invalidation action inadmissible

Background On 22 November 2017, the Court of Justice of the European Union (“CJEU”) gave judgment in a case taken by the not-for-profit company, Digital Rights Ireland Limited (“DRIL”). DRIL sought an annulment of the European Commission’s Privacy Shield decision. This decision states that the US ensures an adequate level of protection for personal data … Continue Reading

Get your update on IT & Privacy Law (Germany)

The Summer 2017 Edition of the quarterly IT & Privacy Newsletter by Reed Smith Germany has just been released. We cover the German GDPR Implementation Act, new case law on processing on the basis of legitimate interests, marketing consent, and provider liability, as well as the paper on Google Analytics by the Hamburg data protection … Continue Reading

CJEU: Operation of peer-to-peer sharing platform may qualify as copyright infringement

In a preliminary judgment of 14 June 2017, Case C-610/15, the Court of Justice of the European Union (‘CJEU’) held that the making available and management of a peer-to-peer sharing platform may constitute a copyright infringement. Facts of the case In the underlying main proceedings before the Supreme Court of the Netherlands, Stichting Brein, a Dutch … Continue Reading

Legitimate interests: a balancing act

The Court of Justice of the European Union (CJEU) recently gave its preliminary ruling on the interpretation of the legitimate interests condition under Article 7(f) of the Data Protection Directive 95/46/EC (the Directive) in the context of processing by a public authority. A collision In 2012, a passenger in a taxi in Latvia suddenly opened … Continue Reading

German Federal Supreme Court confirms: Dynamic IP addresses may constitute personal data

According to a press release dated 16 May 2017, and following the Court of Justice of the European Union’s (CJEU) preliminary ruling in Case C-582/14 dated 19 October 2016 (see our previous blog), the German Federal Supreme Court (Bundesgerichtshof – FSC) confirmed in a judgment of 15 May 2017, case no. VI ZR 135/13 that dynamic IP addresses constitute personal data within … Continue Reading

CJEU says dynamic IP addresses can constitute personal data

The Court of Justice of the European Union (“CJEU”) has ruled that dynamic IP addresses can constitute personal data. Dynamic IP addresses, registered by a website provider when an individual accesses its website, shall constitute personal data where the operator has the legal means to combine the data with additional data (held by the internet … Continue Reading

CJEU Attorney General Opinion Seeks to Restrict the Interpretation of ‘Establishment’

In June, the Attorney General (“AG”) of the Court of Justice of the European Union (“CJEU”) issued his opinion (English translation pending) in the case of Verein für Konsumenteninformation v Amazon EU Sàrl (Case C-191/15). The opinion makes potentially important observations about which law should apply to the processing of personal data under the Data … Continue Reading

Advocate General’s opinion states that IP addresses are Personal Data

On 12 May, the Advocate General’s (AG) opinion in Case C-582/14 Patrick Breyer v Germany was released, stating that dynamic IP addresses should be considered personal data for the purposes of EU data protection law. Although opinions of the AG are not binding on the Court of Justice of the European Union, whose full judgment … Continue Reading

Safe Harbor re-launched as the “EU-U.S. Privacy Shield” – but doubts are already raised that it will live to survive a battle

After what seemed like sure defeat, an agreement on Safe Harbor has apparently been reached. Dubbed the “EU-U.S. Privacy Shield”, the regime will, subject to approval processes, replace the existing Safe Harbor arrangement which was invalidated 6 October 2015. Click here to read more in the issued Client Alert.… Continue Reading

The French CNIL officially requires the use of EU Model Clauses as a quick fix for businesses impacted by the recent Safe Harbor ruling of CJEU – Companies must be compliant as of end January 2016

On 19 November, the CNIL released an article in order to provide companies impacted by the recent CJEU ruling on invalidation of Safe Harbor with guidance on the next steps. The article was published at the same time the CNIL sent a mailing to all data controllers relying on Safe Harbor to fix the issue. … Continue Reading

Could the UK see a shake-up of its Data Retention Powers? Questions referred to the CJEU

On 20 November 2015 the UK’s Court of Appeal referred questions on data retention to the Court of Justice of the European Union (CJEU) following a challenge to the Data Retention and Investigatory Powers Act (DRIPA) 2014. The referral to the CJEU is significant as it could finally provide clarification as to the application of … Continue Reading

Issue relating to single consumer triggers finding of ‘misleading commercial practice’

The ECJ provided a preliminary ruling on Nemzeti Fogyasztovedelmi Hatosag v UPC Magyarorszag, which could have major implications on commercial practices. In this case, the ECJ decided that the communication of erroneous information from business to consumer will be classified as a misleading commercial practice within the meaning of the Unfair Commercial Practices Directive (2008/29) … Continue Reading

House of Lords’ report on Google ‘right to be forgotten’ case concludes that it’s ‘bad law’

Back in May, we covered the European Union Court of Justice’s landmark ruling in the Google Spain case (‘CJEU Judgment’). Since then, much has been made in the media about the so-called “right to be forgotten”, and the various characters that have requested the removal of links relating to them. Now, the House of Lords … Continue Reading
LexBlog