Case C-203/15, Tele2 Sverige – Swedish data retention despite Digital Rights Ireland

Telecoms companies were legally required to store data traffic until the CJEU’s judgment in Digital Rights Ireland. The CJEU annulled the EU’s Data Retention Directive for being incompatible with the EU Charter. Nevertheless, Swedish telecoms companies are still being required to store data. The legal basis for this is an earlier EU Directive, which had been amended by the Data Retention Directive. Is this regulatory approach compatible with the EU Charter?

Continue reading

Case C-72/15, Rosneft – challenging the EU’s sectoral sanctions against Russia

Russian activities in Ukraine have prompted the EU to adopt a package of sanctions aimed at various Russians and Russian companies. These sanctions have been enshrined in various pieces of EU legislation and implemented by the EU Member States in their national laws. These sanctions are affecting an oil company which is part-owned by a British oil company ‘BP’, and part-owned by a Russian oil company that belongs to the State of Russia. To begin with, the company is challenging the legality of the UK’s implementing legislation. However, the validity of the EU’s legislation is also at stake. Does the CJEU have jurisdiction to rule on the validity of a Decision adopted pursuant to the EU’s Common Foreign and Security Policy? And if so, then does the drafting of the EU’s legislation satisfy the requirements of legal certainty and foreseeability in circumstances where that legislation forms the basis of criminal penalties?

Continue reading

Case C-582/14, Breyer – seeing the logs from the trees in privacy law

Behind a website, there may be a log. This can record which pages have been viewed, when, and by which dynamic IP address. The legal question is whether this is a processing of ‘personal data’ under the EU’s ‘data processing’ Directive 95/46/EC?

Continue reading

Case C-547/14, Philip Morris Brands – the Second Tobacco Products Directive is invalid

Is the EU’s Second Tobacco Products Directive 2014/40/EU invalid?

Continue reading

Case C-484/14, McFadden – a mere conduit?

If a person offers non-password-protected access to the Internet, and an unknown user passes a piece of copyright-infringing music over that Internet connection, then can the person offering the Internet access be absolved of legal liability on the basis that he is but a ‘mere conduit’ under the EU’s ‘E-Commerce’ Directive 2000/31/EC?

Continue reading

Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?

If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?

Continue reading

Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?

If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?

Continue reading

Case C-340/14, Trijber – the Treaty is more than an incoming tide, it is even in the canals

Amsterdam has a system of canals. But before boats and pleasure craft can take to Amsterdam’s waters, they need a licence from the local authority. Unfortunately, the authority handed out its boat licences a while back. In this case, a Dutch company now wishes to rent out its boat for either office parties or company ‘days-out’, and unsurprisingly its application was turned down. The aggrieved company is challenging the legality of the licensing system. It alleges that since the authority’s licences are for an unlimited duration, the system is disproportionate and shows that the authority acts arbitrarily – something contrary to EU Treaty law and the EU ‘services’ Directive 2006/123/EC. The authority denies that it is doing anything wrong: issuing a limited number of licences is a proportionate response designed to limit the congestion on Amsterdam’s canals; and even if it is wrong on that point, then this is a ‘purely internal situation’ to which EU law does not apply.

Continue reading

Case C-30/14, Ryanair – grounding a go compare an airfare website

Price-comparison websites in the EU are often lawful because the websites they take their information from are databases frequently unprotected by either copyright or the ‘sui generis’ right enshrined in the EU’s Database Directive 96/9/EC. This is true of Ryanair’s website. But Ryanair’s website is however protected by a plank of deviant Dutch ‘copyright’ law. In this case, a Dutch website that compares the price of airfares is seeking to rely on a Dutch exception to the Dutch ‘copyright’ rule, an exception that corresponds to one found in the EU’s Database Directive. The legal question has become whether the Directive applies to all databases and thus websites – even the unprotected ones – and, if so, whether the price-comparison website qualifies as a ‘lawful user’, who does not need to obtain Ryanair’s consent to use Ryanair’s website.

Continue reading

Case C-518/13, Eventech – driving a minicab through the rules governing bus lanes

London’s bus lanes can generally be used by ‘black cabs’ but not by ‘minicabs’. Do the rules underpinning that distinction: involve the use of state resources, constitute a disproportionate response in view of the policy aims of bus lanes, and threaten to affect trade between the Member States? If they do, then they could be an illegal state aid.

Continue reading