anonymisation / big data / Personal data / Privacy / WiFI tracking

Anonymisation, pseudonymisation, WiFi tracking and the French: the JCDecaux case

The topic of ‘anonymisation’ has already been covered several times on the blog (see e.g. here, here, and here). We even have a new research paper (‘Anonymous Data v. Personal Data — A False Debate: An EU Perspective on Anonymization, Pseudonymization and Personal Data’) recently published in the Wisconsin International Law Journal on this issue  … Continue reading

Access to data / anonymisation / Data protection / Data transfer / de-identification / General Data Protection Regulation / pseudonymisation / Risk-based approach

A call for a common techno-legal language to speak about anonymisation, pseudonymisation, de-identification… Could this be one of the biggest challenges brought about by the GDPR?

  The General Data Protection Regulation (GDPR) will be applicable in less than two years and lawyers as well as others are trying to grapple with definitional issues. The graduated approach that would have meant alleviating the regime of certain categories of data such as pseudonymised data (e.g. by eliminating the need to comply with … Continue reading

anonymisation / consent / Data protection / Data retention / Personal data / Risk-based approach

CJEU in Breyer: Dynamic IP addresses will (very?) often be personal data and German Law is too restrictive! Okay but how shall we care about voluntary and systematic retention of logs?

  And here is delivered by the Court of Justice of the European Union (CJEU) another landmark judgment: C‑582/14 Breyer v Bundesrepublik Deutschland concerning the proper characterisation of IP addresses and the compatibility of German national law with Article 7(f) of the Data Protection Directive (DPD). The judgement is not available in English yet, but … Continue reading

anonymisation / big data / Data protection / General Data Protection Regulation / ICO / Personal data / Privacy / pseudonymisation / research / Risk-based approach / sensitive data

The First-Tier Tribunal and the anonymisation of clinical trial data: a reasoned expression of Englishness…. which would have to be abandoned with the GDPR?

The Queen Mary University of London v (1) The Information Commissioner and (2) Alem Matthees, EA/2015/0269 case decided by the First-Tier Tribunal (Information Rights) (FTT(IR)) on 12 August 2016 is a fascinating decision. [Could it be a stylish expression of Englishness…. or otherness?] The case-facts concern a freedom of information request for clinical trial patient data … Continue reading

anonymisation / Brexit / Data protection / Data transfer / digital identity / e-government / eIDAS / General Data Protection Regulation / safe harbour

eIDAS applies from 1 July 2016: An EU dream come true after a Brexit nightmare?

  Six days after the results of the UK Brexit referendum and it is still very hard to go back to a “normal” life, especially while remaining an EU citizen living in the UK. One of the most upsetting things of the referendum, at least for lawyer, is its nonsense. This holds true in particular … Continue reading