Data retention / Data transfer / Human rights / Law enforcement / safe harbour / Security / Surveillance

CJEU Advocate General opines on the compatibility of EU-Canada PNR Agreement with EU Charter rights to privacy and personal data protection

We’ve heard it before, and we’ll hear it again… ‘How can interference with fundamental EU rights to privacy and personal data protection be justified when it comes to mass-automated data processing?’ In other words, to what extent will the EU Charter of Fundamental Rights keep this international agreement grounded before it can take flight? Earlier … Continue reading

Intelligence and security agencies / interception / Personal data / Surveillance / terrorism

Bulk Personal Datasets and the ‘Spectre’ of Pervasive Surveillance Concerns Back in the Spotlight with the Investigatory Powers Bill

Are proposals to introduce oversights over state powers to obtain, analyse, and retain mass sets of personal details sufficient to alleviate concerns where they include data about individuals unconnected to investigations? Much has been written about the UK government’s proposed new Investigatory Powers Bill (IPB) since it was published for consultation by the Home Office, … Continue reading

Data protection / Internet intermediaries / Privacy / Surveillance

Weber, DRI and Schrems: so what are “measures of mass surveillance”? And what should we do with them? A tale of 2 Courts

While the Court of Justice of the European Union (CJEU) in its recent judgment Schrems v Data Protection Commissioner (discussed here), does not mention the words “measures of mass surveillance” it states that it is concerned about measures “authoris[ing], on a generalised basis, storage of all the personal data of all the persons”. By way … Continue reading

Security / Surveillance / terrorism

EU Parliament agrees to commence finalising the Passenger Name Record Directive in light of added data protection safeguards

Questions asked about the necessity and proportionality of yet another state scheme authorising the bulk sharing of personal data, and its storage, for risk assessment purposes – Will the EU get it right this time? In light of the growing threat posed by Islamic State militants, the issue of the EU air travel industry’s passenger … Continue reading

Data protection / Data retention / Surveillance

The Davis judgement: does Article 8 of the European Charter go beyond Article 8 of the ECHR?

Here we are! The last episode of the UK saga “and what do we do with data retention laws” has been issued by the English High Court, with its judgement in the case David Davis MP, Tom Watson MP, Peter Brice, Geoffrey Lewis v The Secretary of State for the Home Department [2015] EWHC 2092 … Continue reading

Data protection / Data retention / Internet intermediaries

ISPs: data controllers as well as mere conduits? Does this make sense? What do we do with the e-privacy Directive if we care?

So here we are, the English Court of Appeal, as it has been explained by Alison in her post, has recently held in the Google v Vidal-Hall case, among other things, that there was a serious issue to be tried that Browser-Generated Information (BGI) is personal data under the Data Protection Act of 1998 (DPA), … Continue reading