anonymisation / big data / Data protection / General Data Protection Regulation / Personal data / pseudonymisation / research / sensitive data

What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPR better than the Directive?

What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPD better than the Directive? So here we are. It’s almost Christmas and after three years of intense debate the Council of the European Union and the European Parliament have announced that they have informally agreed on … Continue reading

Data protection / Internet intermediaries / Privacy / Surveillance

Weber, DRI and Schrems: so what are “measures of mass surveillance”? And what should we do with them? A tale of 2 Courts

While the Court of Justice of the European Union (CJEU) in its recent judgment Schrems v Data Protection Commissioner (discussed here), does not mention the words “measures of mass surveillance” it states that it is concerned about measures “authoris[ing], on a generalised basis, storage of all the personal data of all the persons”. By way … Continue reading

Data protection / Privacy / safe harbour / Surveillance

AG Bot on Schrems v DP Commissioner: does the EU Charter of Fundamental Rights really go beyond the ECHR?

Advocate General (AG) Bot delivered his awaited opinion on 23 September 2015 in the case C-362/14 Maximillian Schrems v Data Protection Commissioner. As readers might remember (see my previous post here), the Irish High Court had made a reference for a preliminary ruling back in 2014. [For background, talented Austrian Facebook user, Maximillian Schrems complained … Continue reading

anonymisation / General Data Protection Regulation / Personal data

A German view of the Council’s proposed General Data Protection Regulation: let’s try one more time… by the way what do we do with Browser-Generated Information?

The Council of the European Union released its version of the Proposed Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or ‘GDPR’) on 11 June 2015, as mentioned by … Continue reading

Security / Surveillance / terrorism

EU Parliament agrees to commence finalising the Passenger Name Record Directive in light of added data protection safeguards

Questions asked about the necessity and proportionality of yet another state scheme authorising the bulk sharing of personal data, and its storage, for risk assessment purposes – Will the EU get it right this time? In light of the growing threat posed by Islamic State militants, the issue of the EU air travel industry’s passenger … Continue reading

Access to data / Internet intermediaries / Surveillance / terrorism

What if the French constitutional judges had read the Davis Judgement? Would we be living in a better world?

The French Constitutional Court (Conseil Constitutionnel) issued its decision n°2015-713 DC on the recently adopted Law on intelligence on 23 July 2015. Reading its decision after having read the Davis judgment of the English High Court, one wonders whether legal syllogism has suddenly been replaced by useless tautology. The newly adopted law on intelligence is … Continue reading

Data protection / drones / Privacy / Privacy impact assessment

Opinion on drones released by EU Data Protection Working Party

“Technology is neither good nor bad; nor is it neutral” – How far might future usage of drone technology affect the very fabric of the societies in which we live? The Article 29 EU Working Party (WP) has issued an Opinion about the data protection and privacy implications of utilising unmanned aerial systems (“drones”). This … Continue reading

Data protection / Privacy / Surveillance

The new judgement of the UK Supreme Court on the scope of Article 8 ECHR or why Lord Kerr is right…

In its recent judgement of 1 July 2015 In the matter of an application by JR38 for Judicial Review (Norther Ireland) [2015] UKSC 42, the UK Supreme Court held that the publication of photographs of a minor (just about 14 years old at the time of publication) suspected of involvement in criminal activities did not … Continue reading

damages / Privacy

A breach of the right to privacy justifies an award of damages for the act of misusing private information ‘per se’, says English High Court in phone-hacking decision

Are ‘the times a-changin’’ for the future of English privacy claims? UK privacy law is a slow-evolving story. Most of its principles have developed from case law since the Millennium, yet awards of damages by the courts in compensation for harm suffered as a consequence of privacy infringements (such as for distress and loss of … Continue reading