Case C-73/16, Puškár – privacy requires removal from a tax office blacklist

If personal information is given to the tax office, then when can it be processed for other purposes without that person’s consent? For example, is consent required when data is made available to other state bodies such as those concerned with combating financial fraud? More

Case C-13/16, Rīgas satiksme – our police data request is necessary for our legitimate interest

If a taxi hits a bus and the taxi company tells the police who was in the taxi, then does EU data processing law stop that police data from being passed on to the bus company? More

Case C-191/15, Verein für Konsumenteninformation – Amazon’s unfair online forum shopping

In the tiny Grand Duchy of Luxembourg is a tiny branch of the corporate king, Amazon. It subjects its customers to buying their goods under Luxembourg law. Is that fair? And what happens to Amazon’s choice of law after it is has been forced through the latticed-meshes of six pieces of EU legislation which determine the applicable national law? More

Case C-192/15, Rease – secretly spied on, medical data leaked, and left unprotected by the Dutch regulator

Can the Dutch Data Protection Agency exert any control over companies based in the UK and the USA which conduct covert surveillance on Dutch territory? And in the event of an individual’s data processing law rights under Dutch law being breached, what is to be done where the internal rules of the Dutch Data Protection Agency mean that the Agency will never ever act on a complaint coming from an individual? More

Case C-582/14, Breyer – seeing the logs from the trees in privacy law

Behind a website, there may be a log. This can record which pages have been viewed, when, and by which dynamic IP address. The legal question is whether this is a processing of ‘personal data’ under the EU’s ‘data processing’ Directive 95/46/EC? More