As most will be at least vaguely aware, Europe is expecting… the arrival into force of the EU General Data Protection Regulation – the GDPR – is now only 9 months away. This significant overhaul and enhancement of European data protection legislation is the brain-child of the EU Commission, Parliament, and Council. It has also most likely been sired by Germany, with many of the new rules regarding data subject rights to access, deletion, and portability heavily influenced by German legal thinking in this area. As Dr. Sebastian Golla has pointed out, the German Constitutional Court has stated in its decisions that the basic right to informational self-determination (Informationelle Selbstbestimmung) is the basis of German Data Protection Law. Continue reading We’re Expecting… 9 Months to Go to GDPR Overhaul of EU Data Protection Regime
I’ll start the year off with a bit of a general overview of some interesting developments in the area of technology law – specifically in Europe, but with wide-ranging effect – and there certainly have been some in both the closing months of 2015 and already in 2016. I’m hoping I’ll get around to writing about these issues in more depth in the coming months. There have been developments in the realm of employer surveillance of employees; the fallout from the disintegration of the Safe Harbour program continues to plague multinational data-driven companies; and these developments, along with others, such as the future of the so-called ‘Right to be Forgotten’, remains to be seen, with the final touches being put on large scale reform of data protection law in the EU. Continue reading The State of the (European) Union – Technology Law
You may remember that around this time last year I wrote a rather critical analysis of the newly established Right to be Forgotten which resulted from the Google Spain decision. You may also remember that Julia Powles and Rebekah Larsen collected a great deal of commentary (available here) from all sides of the debate on this topic, including, I am flattered to say, mine. Apart from anything else, this collection of commentary from all perspectives helped me re-analyse my own position on the Right to be Forgotten (RTBF), and perhaps move away from being staunchly against it, to being critical of how it was implemented. A year down the line, Julia Powles and Ellen Goodman managed to round up signatures from the lot of us, and composed an excellent Open Letter to Google, asking them for more transparency in how exactly they handle RTBF requests. Continue reading The War of the Forget-Me-Nots: Google and the Right to be Forgotten – One Year On
Korea seems to have taken a rather forward-thinking stand on digital consumer protection, particularly the rights of consumers of directly downloaded digital content such as apps. This is a protection sadly lacking in the recently transposed Consumer Rights Directive in Europe, which goes a short way towards harmonising rules on digital content, and defining what digital content is, but falls short of giving it the protection of “goods” or extending full rights of withdrawal to digital downloads. This Korean move, made by Korea’s competition watchdog the Korea Federal Trade Commission, forces app-stores to revise their policies, amongst others, on refunds, changes to terms of service, and prohibitions on automatic billing after a free trial period.
See Shin Ji-hye, “Google, Apple ordered to revise unfair App store terms”, (6 July 2014), The Korea Herald, available online at http://www.koreaherald.com/view.php?ud=20140706000270
Much rejoicing was had this week amongst fans of Data Privacy and Data Protection, as the European Court of Justice (ECJ – though officially now just the Court of Justice) in its capacity as one wing of the Court of Justice of the European Union (CJEU; I know, the distinction is a bit confusing, and varies depending on who reports it) implied a “right to be forgotten” into European Data Protection Law. For example, the EU justice commissioner, Viviane Reding, welcomed the decision, saying it was a victory for the protection of personal data in the EU; “The ruling confirms the need to bring today’s data protection rules from the ‘digital stone age’ into today’s modern computing world”. Whilst the idea of giving citizens more rights to control the processing and dissemination of their personal information is a commendable one, this already exists in the form of the Data Protection Directive which was found to be applicable in this case.
What really happened here is that the court extended, in my opinion rather widely unclearly, who can be designated as controllers or processors of personal data and what sorts of information should be considered objectionable personal information and remain completely within the control of the citizen. Continue reading Europe and The Right to Be Forgotten: A Memorable Victory for Privacy or Defeat for Free Speech?
“Network Neutrality”, more commonly referred to as simply “Net Neutrality” is the concept, coined by Columbia media law professor Tim Wu, that Internet service providers and governments should treat all data on the Internet equally, not discriminating or charging differentially based on user, content, website, platform, application, type of attached equipment, and modes of communication. Continue reading Why Consumers Should Be Worried About Net Neutrality