Latest Entries
Access to data / Data protection / General Data Protection Regulation / Law enforcement / Legitimate interest / Personal data / sensitive data

CJEU Advocate General Opines on the ‘Legitimate Interest’ Concept

But how exactly does EU law achieve the weighing of competing legitimate interests and rights in a data protection law context? I’ve previously written (here) about the concept of legitimate interest under data protection law and how it has captured the attention of data protection agencies, as well as the EU institutions in informing the … Continue reading

audiovisual media services / content regulation / Copyright / hate speech

Video-sharing platform services and media services : what is the link between the new AVMSD and the old ECD?

The regulation of digital content seems to be at a turning point. Based on the premise that the Internet of 2016, or should I say 2017, has nothing to do with the Internet of the 2000s, the European Commission (EC) has decided to act and released in May and in September this year two key … Continue reading

content regulation / Copyright / Intellectual Property / Internet intermediaries / liability

AG CAMPOS SÁNCHEZ-BORDONA in Stichting Brein: what is the link between GS Media and Article 15 ECD?

      The Court of Justice of the EU (CJEU)’s Advocate General (AG) Campos Sanchez-Bordona issued his opinion yesterday in the case C‑527/15 Stichting Brein v Jack Frederik Wullems, acting under the name of Filmspeler, which is again a case involving the infamous right to communicate copyright works to the public. Very briefly, the … Continue reading

Access to data / anonymisation / Data protection / Data transfer / de-identification / General Data Protection Regulation / pseudonymisation / Risk-based approach

A call for a common techno-legal language to speak about anonymisation, pseudonymisation, de-identification… Could this be one of the biggest challenges brought about by the GDPR?

  The General Data Protection Regulation (GDPR) will be applicable in less than two years and lawyers as well as others are trying to grapple with definitional issues. The graduated approach that would have meant alleviating the regime of certain categories of data such as pseudonymised data (e.g. by eliminating the need to comply with … Continue reading

anonymisation / consent / Data protection / Data retention / Personal data / Risk-based approach

CJEU in Breyer: Dynamic IP addresses will (very?) often be personal data and German Law is too restrictive! Okay but how shall we care about voluntary and systematic retention of logs?

  And here is delivered by the Court of Justice of the European Union (CJEU) another landmark judgment: C‑582/14 Breyer v Bundesrepublik Deutschland concerning the proper characterisation of IP addresses and the compatibility of German national law with Article 7(f) of the Data Protection Directive (DPD). The judgement is not available in English yet, but … Continue reading