Case Law & Court Rules

After the October 6, 2015, European Court of Justice’s annulment of the Safe Harbor decision of adequacy (Maximilian Schrems v. Data Protection Commissioner), the European Data Protection Authorities (DPAs) gave businesses until January 31, 2016, for the start of enforcement of the Schrems’ decision (see here). The Safe Harbor Scheme had been used for almost 15 years as the […]

On February 16, 2016, Article 29 Working Party (WP29) issued an update on Opinion 8/2010 on applicable law. The update provides explanations concerning the applicable law in light of the Court of Justice of the European Union (CJEU) judgement’s in Google Spain (or Costeja case, C-131/12). The ruling of May 13, 2015 held that EU data subjects have a right […]

On October 13, 2015, the Italian DPA (Garante per la Protezione dei Dati Personali) approved the code of conduct for the processing of commercial data. The code is for companies providing financial information. The code safeguards entrepreneurs’ privacy by making sure that financial and asset information are adequately gathered and stored. Among other provisions, the relevant financial data will have to […]

The compendium, compiled under the auspices of the Court itself, collects the most relevant decisions concerning personal data protection. It mentions the case law listed below with regard to the following topics (updated as of December 5,  2015): GPS data GPS data Uzun v. Germany, 2 September 2010 Ben Faiza v. France (no. 31446/12); pending as […]

Facebook will require Belgian users to create a Facebook account to be able to view its public content. The company was not able to reach an agreement with the Belgian Data Protection Authority (Commissie voor de bescherming von de persoonlijke levensfeer) and it is expecting to receive an order prohibiting the use of cookies to […]

Facebook declared it will appeal a recent decision by the Brussels Court of First Instance (see here) — Rechtbank van eerste aanleg – which could lead to further fragmentation of EU data protection standards by giving ground to local data protection authorities to regulate another aspect of data processing within their own borders. The decision found the […]

On October 27, 2015, the Court of Appeal of The Hague (Gerechtshof Den Haag) affirmed the District Court’s decision that found the Dutch government’s surveillance of Dutch law firms illegal. See here. The Court of Appeal dismissed all grounds of appeal raised by the Dutch Government and held that the communication between a lawyer and his or her […]

  On July 31, 2015, Consiglio Nazionale Forense (Italian National Bar Association) (CNF) published its opinion concerning the possibility for attorneys to advertise their practice in stadiums. According to the CNF, there is no law prohibiting attorneys to hang posters in stadiums to advertise their area of practice, provided they comply with the relevant principles of professional conduct. […]

On October 10, 2015, the Vienna Court of Appeal (Oberlandesgericht Wien) issued a written decision in the Austrian Data Protection action against Facebook. The Court of Appeal overturned the Vienna Regional Court’s decision of July 2015 that had rejected plaintiff Maximilian Schrems’ complaint for lack of jurisdiction. See here. On July 14, 2015, the plaintiff had appealed […]

On October 23, 2015, the Portuguese Data Protection Authority (Comissão Nacional de Protecção de Dados – CNPD) issued its post-Schrems decision. Implementing the Schrems decision, and referring also to the WP29’s recent statement, the CNPD prohibited data transfers to the US under Safe Harbor. The Authority stated that it will issue provisional authorizations under systems […]