If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?
Continue readingTag Archives: data processing
Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?
If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?
Continue readingCase C-212/13, Ryneš – data from private CCTV cameras overlooking public spaces and private homes
Does a home owner’s camera security-system bring him within the scope of the EU’s data processing Directive 95/46/EC? And does it matter that the CCTV camera not only captures images of his home but also of who happens to be passing by in the street outside, and it even records who is going into a home on the opposite side of the street?
Continue readingCase C-46/13, H – challenging more of the EU’s data retention Directive
When you use a telephone or go onto the internet a company registers and stores data about you. Companies are obliged to do this not for billing purposes but because of the EU’s data retention Directive 2006/24/EC. Can you access this ‘retention data’, and if not, is this compatible with the EU Charter?
Continue readingCase C-449/12, van Luijk – No fingerprints? No Dutch passport.
Are the Dutch rules requiring passport applicants to be fingerprinted and to have their biometric data stored initially in local registers, and then in a central register, compatible with EU law?
Continue readingCase C-447/12, Kooistra – No fingerprints? No Dutch ID card.
Are the Dutch rules that require four fingerprints to be taken from people wishing to have a Dutch identity card compatible with EU privacy law?
Continue readingCase C-446/12, Willems – No fingerprints? No Dutch passport. No travel outside the EU.
Are the Dutch rules requiring the fingerprinting of all applicants for a Dutch passport compatible with EU law?
Continue readingCase C-291/12, Michael Schwarz – No fingerprints? No passport. An invalid EC Regulation?
Is the EU’s biometric data Regulation 2252/2004 invalid because it is a disproportionate infringement of a person’s fundamental rights to privacy and data processing?
Continue readingCase C-293/12, Digital Rights Ireland – telecoms, privacy and freedom of expression
Does the restriction on the use of a mobile telephone arising from the data retention Directive 2006/24 contravene the EU Charter’s rights to privacy, data protection, and freedom of expression?
Continue reading