Case C-698/15, Davis – did the CJEU in Digital Rights Ireland intend to lay down mandatory requirements of EU law?

In 2006, the EU’s ‘data retention’ Directive 2006/24/EC required telecoms companies to store data traffic. In its Digital Rights Ireland judgment of 2014, the CJEU annulled the Directive because the Directive was incompatible with the EU Charter. Six national courts have subsequently declared their national data retention laws to be invalid. However, in other Member States legal uncertainty surrounds what the CJEU actually decided and the legal effects that flow from it. In that context, a Swedish court has already made a preliminary reference to the CJEU. Now, the Court of Appeal of England and Wales has decided to make its own preliminary reference.

Continue reading

Case C-610/15, Stichting Brein – seeking website blocks to stop peer to peer technology

People may use telecoms networks to pass information to each other. Some websites such as that run by The Pirate Bay allow people to download software that enables them to pass small pieces of information around a telecoms network. The question in this case is whether a Dutch court can order telecoms companies to block their customers’ access to websites like The Pirate Bay in order to stop presumed copyright infringement from taking place.

Continue reading

Case C-424/15, Ormaetxea Garai – dismissed so unfairly as to query the independence of regulators

Many of Spain’s national regulators have been merged into one mega regulator. People formerly running those regulators have been made redundant even with retroactive effect. Is retroactive dismissal contrary to the general principles of EU law? And since people have been removed from their jobs prior to the end of their fixed-term contracts, is this not contrary to EU law’s requirement that national regulators be completely independent, as per the EU’s ‘communications networks’ Directive 2002/21/EC?

Continue reading

Case C-434/15, Asociación Profesional Élite Taxi – Uber’s new software destroys the old order of labour

Traditionally, people wanting to be driven from A to B could hail a cab on the street. Subsequently, cabs could be hailed by telephoning for one. Now it is possible to use a smartphone to organise an ‘electronic hail’. However, if the smartphone uses Uber’s software, then the car that comes to pick them up will not be a licensed taxi. The question is: can Uber’s new software destroy the old order of labour that governs the life of a taxi-driver, a legal order characterised by the state-licensing of taxi cabs?

Continue reading

Case C-203/15, Tele2 Sverige – Swedish data retention despite Digital Rights Ireland

Telecoms companies were legally required to store data traffic until the CJEU’s judgment in Digital Rights Ireland. The CJEU annulled the EU’s Data Retention Directive for being incompatible with the EU Charter. Nevertheless, Swedish telecoms companies are still being required to store data. The legal basis for this is an earlier EU Directive, which had been amended by the Data Retention Directive. Is this regulatory approach compatible with the EU Charter?

Continue reading

Case C-582/14, Breyer – seeing the logs from the trees in privacy law

Behind a website, there may be a log. This can record which pages have been viewed, when, and by which dynamic IP address. The legal question is whether this is a processing of ‘personal data’ under the EU’s ‘data processing’ Directive 95/46/EC?

Continue reading

Case C-484/14, McFadden – a mere conduit?

If a person offers non-password-protected access to the Internet, and an unknown user passes a piece of copyright-infringing music over that Internet connection, then can the person offering the Internet access be absolved of legal liability on the basis that he is but a ‘mere conduit’ under the EU’s ‘E-Commerce’ Directive 2000/31/EC?

Continue reading

Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?

If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?

Continue reading

Case C-362/14, Schrems – does a ‘safe harbour’ shelter states that deprive EU citizens of their EU Charter rights?

If the EU Commission deems a non-EU state to be a ‘safe harbour’ for the purposes of data processing, then personal data about EU citizens can be sent to companies in that non-EU state. This is not new. For example, in 2000 the EU Commission had decided that the USA was a ‘safe harbour’. However, in 2013 Edward Snowden made a series of revelations concerning the USA’s blanket interception of Internet and telecoms systems. These revelations have generated a question of EU law. Namely, can an EU Member State’s national data protection regulator now disregard the EU Commission’s finding that the USA is a ‘safe harbour’, and do so on the basis that the USA’s laws and practices do not adequately protect and respect an EU citizen’s EU Charter rights to privacy and data protection?

Continue reading