Canada and the EU have negotiated a new Passenger Name Record Agreement. A plank of the Agreement involves the transfer and processing of data. The European Parliament is asking the CJEU for a legal opinion on the compatibility of that Agreement with the EU Charter.
Continue readingAuthor Archives: admin
Case C-72/15, Rosneft – challenging the EU’s sectoral sanctions against Russia
Russian activities in Ukraine have prompted the EU to adopt a package of sanctions aimed at various Russians and Russian companies. These sanctions have been enshrined in various pieces of EU legislation and implemented by the EU Member States in their national laws. These sanctions are affecting an oil company which is part-owned by a British oil company ‘BP’, and part-owned by a Russian oil company that belongs to the State of Russia. To begin with, the company is challenging the legality of the UK’s implementing legislation. However, the validity of the EU’s legislation is also at stake. Does the CJEU have jurisdiction to rule on the validity of a Decision adopted pursuant to the EU’s Common Foreign and Security Policy? And if so, then does the drafting of the EU’s legislation satisfy the requirements of legal certainty and foreseeability in circumstances where that legislation forms the basis of criminal penalties?
Continue readingCase C-582/14, Breyer – seeing the logs from the trees in privacy law
Behind a website, there may be a log. This can record which pages have been viewed, when, and by which dynamic IP address. The legal question is whether this is a processing of ‘personal data’ under the EU’s ‘data processing’ Directive 95/46/EC?
Continue readingCase C-547/14, Philip Morris Brands – the Second Tobacco Products Directive is invalid
Is the EU’s Second Tobacco Products Directive 2014/40/EU invalid?
Continue readingCase C-484/14, McFadden – a mere conduit?
If a person offers non-password-protected access to the Internet, and an unknown user passes a piece of copyright-infringing music over that Internet connection, then can the person offering the Internet access be absolved of legal liability on the basis that he is but a ‘mere conduit’ under the EU’s ‘E-Commerce’ Directive 2000/31/EC?
Continue readingCase C-470/14, EGEDA – will a state-financed ‘private copy’ scheme deliver fair compensation?
According to Article 5(2)(b) of the EU’s InfoSoc Directive 2001/29/EC, copyright holders can be paid ‘fair compensation’ for the copies of protected works made by people for private use. In some Member States this type of scheme is financed by levies on electronic equipment. However, Spain has decided to pay right holders directly from the state budget. Spanish copyright ‘collecting societies’ do not like this, and claim that the scheme contravenes EU law.
Continue readingCase C-314/14, Sanoma Media Finland – exceeding the maximum amount of hourly advertising?
Media companies interrupt television programmes for advertising breaks. At the end of television programmes there is yet more advertising. According to Article 23 of the EU’s Audiovisual Media Services Directive 2010/13/EC, the maximum amount of advertising per hour is 12 minutes. In this case, a company has been exceeding that amount by splitting up what appears in the television screen so that while one programme’s end-credits roll other programmes are trailed, and during the trails the corporate logos and goods made by the sponsoring companies also appear on the screen. Is this not also corporate advertising that should rightly be included in the hourly amount of advertising?
Continue readingCase C-230/14, Weltimmo – regulatory competence over websites
If a Slovakian company runs a website that advertises Hungarian homes for sale, and Hungarian residents submit their personal data to the company’s website server, then in the event of the Slovakian company breaching data protection laws, does the Hungarian Data Protection Authority retain any regulatory competence to ensure that Hungarian data protection law is complied with? Or should the Hungarian Authority simply have requested its Slovakian counterpart to take action against the Slovakian company?
Continue readingCase C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?
If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?
Continue readingCase C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?
If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?
Continue reading