Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
In 2023, the European Court of Justice (ECJ) clarified the limits of applicants’ right of access requests under Article 15 of the European Union’s General Data Protection Regulation (GDPR) in landmark decisions with...more
1. Proposal for EU directive for right to repair no longer covering motor vehicles - The European Parliament’s Internal Market and Consumer Protection Committee has voted on a draft report on the proposed EU directive...more
On July 10, 2023, the European Commission concluded that the US ensures an adequate level of protection for personal data transferred from the European Union to US companies under the new EU-US Data Privacy Framework. Based...more
As we’ve written about before, the question of anonymization can be tricky. When is something “anonymized” or merely “de-identified” or “pseudonymous” — and when does it matter? This is a particularly fraught issue under...more
Fragen, Antworten und Praxistipps zum weiteren Einsatz von Standardvertragsklauseln - Der Europäische Gerichtshof (EuGH) hat mit seinem Urteil vom 16. Juli 2020, Rechtssache C-311/18 („Schrems II“) die Rahmenbedingungen...more
The Privacy Shield framework, which thousands of companies located in the United States have relied upon to receive transfers of personal data from the European Union, the United Kingdom, and Switzerland, has been invalidated...more
On December 19, 2019, in the Facebook Ireland and Schrems (Schrems 2.0) case, the Advocate General (AG) to the European Court of Justice (ECJ)—European Union's highest court—opined that the EU Standard Contractual Clauses...more
We routinely hear from United States citizens who want advice on how to remove photographs, newspaper articles, videos or personal information about themselves from the internet. Originally published by the European...more
On September 24, 2019, the highest court of the European Union (EU), the Court of Justice of the EU (CJEU), attempted to limit the territorial scope and authority of EU data protection authorities in its recent decision...more
The Court of Justice of the European Union (CJEU) published a judgment that echoes the recent developments discussed in our August update, "New Developments in EU for Cookies and Online Tracking." This is an important...more
The Court of Justice of the European Union (CJEU) – the European Union’s equivalent to the US Supreme Court – has issued a very important ruling with respect to cookie compliance that may require re-evaluation of your cookie...more
It is not clear at this point whether joint and several liability attaches to the actions of joint controllers. The GDPR states that a data subject “may exercise his or her rights under this Regulation in respect of and...more
The Situation: Fashion ID, a German online clothing retailer, embedded on its website the Facebook "Like" button. When a user consults the website of Fashion ID, that user's personal data are transmitted to Facebook Ireland....more
On July 29, 2019, the European Court of Justice (ECJ) issued its decision in FashionID (Case C-40/17), determining that website operators are jointly liable with plugin providers for data collection and transmission through...more
On January 10, 2019, Advocate General Szpunar issued his much awaited opinion in the Google case that was referred to the European Court of Justice by the French “Conseil d’Etat”, the highest administrative court of the...more
Recently, Austrian privacy activist Maximilian Schrems won a partial victory in his continuing battles with Facebook. We discuss that case below. But first, we review his prior tilts with Facebook....more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more
On 1 February 2017, the German federal cabinet adopted a draft data protection bill. The planned implementation statute aims to supplement and further define the EU General Data Protection Regulation, which will come into...more
On 19 October 2016, the European Court of Justice (ECJ) held (Case C-582/14 – Breyer v Federal Republic of Germany) that dynamic IP addresses may constitute personal data. The ECJ also held that a website operator may collect...more
In a key decision, the European Court of Justice has ruled that dynamic IP addresses may qualify as personal data in certain circumstances—ending years of uncertainty about whether such fundamental building blocks of the...more
In a ruling with significant potential impact, the Court of Justice of the European Union (CJEU) has ruled that a dynamic internet protocol (IP) address may constitute "personal data" under EU Data Protection Directive...more
What the recent Amazon decision tells us - On 28 July 2016, the European Court of Justice rendered a decision in a dispute between an Austrian Consumer Protection organization known as VKI (Verein für...more
Last month, one of the Advocate Generals (“AG”) of the Court of Justice of the European Union (“CJEU”), Manuel Campos Sánchez-Bordona, issued an opinion suggesting that dynamic IP addresses should be recognized as “personal...more
European privacy law is a bold new world for U.S. businesses doing business in Europe. An October Court of Justice ruling struck down the Safe Harbor arrangement which had governed E.U.-U.S. data transfer transactions for...more
The recognition by the European Union of a “Right to be Forgotten” has caused much controversy, but seemingly progress is being made. The Right, which entitles Europeans to petition data controllers to prevent harmful...more