Category: Data protection and digital governance

Neues aus dem Elfenbeinturm: October 2019

Call for Chapters: Personal Data Protection and Legal Developments in the European Union

Deadline for proposal submissions: 18 October 2019.

Conference “Judges in Utopia: Civil Courts as European Courts”

Amsterdam, 7-8 November 2019. Deadline for (free) registration: 18 October 2019.

Conference “Socially Responsible Foreign Investment under International Law”

Catholic University of Portugal, 24-25 October 2019. (Free) registration necessary.

Workshop “Gender Based Approaches to the Law and Juris Dictio in Europe”

University of Pisa, 19-20 June 2020. Deadline for abstract submissions: 15 January 2020.

Planet49 CJEU Judgment brings some ‘Cookie Consent’ Certainty to Planet Online Tracking

By Gabriela Zanfir-Fortuna

This blog was first published on pdpEcho and is reproduced here with the kind permission of the editor: https://pdpecho.com/2019/10/03/planet49-cjeu-judgment-brings-some-cookie-consent-certainty-to-planet-online-tracking/

Last week, the Court of Justice of the European Union published its long-awaited judgment in the Planet49 case, referred by a German Court in proceedings initiated by a non-governmental consumer protection organization representing the participants to an online lottery. It dealt with questions which should have been clarified long time ago, after Article 5(3) was introduced in Directive 2002/58 (the ‘ePrivacy Directive’) by an amendment from 2009, with Member States transposing and then applying its requirements anachronistically:

  • Is obtaining consent through a pre-ticked box valid when placing cookies on website users’ devices?
  • Must the notice given to the user when obtaining consent include the duration of the operation of the cookies being placed and whether or not third parties may have access to those cookies?
  • Does it matter for the application of the ePrivacy rules whether the data accessed through the cookies being placed is personal or non-personal?

The Court answered all of the above, while at the same time signaling to Member States that a disparate approach in transposing and implementing the ePrivacy Directive is not consistent with EU law, and setting clear guidance on what ‘specific’, ‘unambiguous’ and ‘informed’ consent means. Continue reading

Fashion-ID: Introducing a phase-oriented approach to data protection?

By René Mahieu and Joris van Hoboken

Introduction

Fashion ID revolves around a German consumer protection organization, Verbraucherzentrale NRW (a public service organization), which filed a lawsuit against Fashion ID, an online fashion shop, about the placement of a Facebook “Like” button on the shop’s website. The inclusion of the like-button on Fashion ID’s website results in the transmission of personal data to Facebook’s servers when a visitor enters the website. This happens (i.) without the visitor being aware of that, (ii.) regardless of whether the visitor is a member of Facebook, and (iii.) regardless of whether the visitor actually clicks the like-button. According to the Verbraucherzentrale, the website operator has not provided information, nor collected consent for this processing of personal data, in accordance with its obligation under the Data Protection Directive (DPD). Continue reading

Neues aus dem Elfenbeinturm: September 2019

Conference “Recognition of status filiationis established abroad: European perspectives and national resistance”

University of Udine, 24 October 2019. Deadline for abstract submissions: 15 September 2019.

2020 ESIL Research Forum “Solidarity: The Quest for Founding Utopias of International Law”

University of Catania, 23-24 April 2020. Deadline for abstract submissions: 30 September 2019.

First Jean Monnet NOVA-EU workshop “Digitalisation, Ethics and EU Fundamental Rights”

Maastricht University, 9-10 January 2020. Deadline for abstract submissions: 31 October 2019.

Call for Papers “European State Aid Law Quarterly”

Manuscripts accepted on a rolling basis.

Neues aus dem Elfenbeinturm: July 2019

Conference “EU Agencies as ‘Inbetweeners’? The Relationship between EU Agencies and Member States”

Maastricht University, 4-5 December 2019. Deadline for abstract submissions: 31 July 2019.

3rd Young European Law Scholars Conference “Shaping the Future of Europe”

University of Salzburg, 27-28 February 2020. Deadline for abstract submissions: 1 September 2019.

Conference “Application Of The Succession Regulation In The EU Member States”

University of Silesia, Katowice, 12 September 2019. Deadline for registration: 2 September 2019.

Yearbook of European Law Annual EU Law and Policy Conference “EU Law in the era of the Fourth Industrial Revolution”

University College London, January 2020. Deadline for draft paper/extended abstract submissions: 8 September 2019.

Vers une intelligence artificielle « fabriquée en Europe » : pistes d’action et lignes directrices éthiques

By Alyson Berrendorf

L’intelligence artificielle (IA) est une nouvelle donnée qu’il n’est – depuis plusieurs années – plus possible de négliger. La croissance de la puissance de calcul, la maximisation ainsi que la disponibilité des données, la rapidité de traitements des informations et les progrès réalisés dans les algorithmes ont fait de l’IA l’une des technologies les plus stratégiques du 21ème siècle. Face à ce constat, l’Union européenne se doit ne pas rater cette révolution technologique, et, mieux encore, elle se doit de devenir un acteur de pointe sur la scène internationale afin de développer une IA performante, éthique et sûre, au profit tant du citoyen (dans sa vie privée et professionnelle) que de la société dans son ensemble.

A cet effet, la Commission européenne a pris plusieurs initiatives ces deux dernières années. La communication de la Commission européenne intitulée « L’intelligence artificielle pour l’Europe », publiée en avril 2018, préconisait de ce fait une stratégie européenne à l’appui de cet objectif, ainsi qu’un plan coordonné pour le développement de l’IA en Europe, présenté en décembre dernier. Plus récemment encore, en avril 2019 cette fois, la Commission a encore franchi une étape supplémentaire en souhaitant lancer sa phase pilote afin de faire en sorte que les lignes directrices en matière éthique pour le développement de l’IA sûre puissent être concrètement mises en œuvre dans la pratique (COM(2019) 168 final).

Au travers de ce bref article, nous ferons une première évaluation des diverses avancées concernant le déploiement de l’intelligence artificielle au sein de l’Union européenne. Nous analyserons notamment le fil conducteur de ce plan, ainsi que la liste d’évaluation et les lignes directrices en matière d’éthique récemment mises en avant par le groupe d’experts indépendants de haut niveau sur l’intelligence artificielle, afin de générer, selon leurs termes, « une IA digne de confiance » et « axée sur l’humain ». Face à cette dénomination, une question mérite d’être soulevée… Une IA axée sur autre chose – ou pour le dire autrement, une IA au service d’autre chose que l’humain – est-elle possible ? Continue reading

The US, China, and Case 311/18 on Standard Contractual Clauses

By Peter Swire

On July 9, the Court of Justice for the European Union (CJEU) held eight hours of oral argument in hearing case C-311/18, on whether US surveillance practices violate the fundamental rights of EU citizens.  This case could potentially rupture the mechanisms that allow personal data to flow across the Atlantic. Should the Court so decide, it would soon be illegal for companies and services we use every day to transfer personal data from the EU to the US.  Such a determination, however, may result in an absurdity; EU citizens’ data could not travel to the US for fear of intrusive surveillance, but could flow unimpeded to China, a nation with surveillance practices ripped from the pages of a dystopian science fiction novel. Continue reading

AG Opinion on C-18/18: Towards private regulation of speech worldwide

By Paolo Cavaliere

The case of Glawischnig-Piesczek v Facebook offers the opportunity for the Court of Justice to clarify the personal and material scope of monitoring obligations that may be imposed on Internet intermediaries, i.e. those private entities that ‘give access to, host, transmit and index content originated by third parties’.  The decision of the Court will determine whether domestic courts can impose monitoring obligations on digital platforms, and of what nature, and how much power courts should be given in imposing their own standards of acceptable speech across national boundaries. The opinion of the Advocate General, rendered earlier this month, raises some concerns for on-line freedom of expression because of its expansive approach to both monitoring obligations and jurisdictional limitations. Continue reading

Neues aus dem Elfenbeinturm: May 2019

5th CLEER summer school on EU external Relations law

Brussels, 24-28 June 2019. Deadline for applications: 3 June 2019.

re:constitution Fellowships

Deadline for applications: 1 June 2019.

ELGS Summer School on Comparative Law & Global Governance

Sounion, 22-26 July 2019. Deadline for applications: 21 June 2019.

Conference “Zehn Jahre Vertrag von Lissabon. Reflexionen zur Zukunft der europäischen Integration”

Berlin, 21 June 2019. (Paid) registration necessary.

Seminar “Unravelling the Brexit Conundrum, Legal and Political Perspectives”

The Hague University of Applied Sciences, 27 May 2019.

Symposium “EU Citizenship 25 Years On : Civil and Economic Rights in Action”

University of Trento, 28 May 2019.

Helsinki Summer Seminar “International Environmental Law – Process as Decline”

Erik Castrén Institute of International Law and Human Rights, 26-30 August 2019. Deadline for applications: 31 May 2019.

Summer School “The Protection of Fundamental Rights in Europe”

Bertinoro, 23-28 June 2019. Deadline for application: 12 June 2019.

Workshop on counter-terrorism at the crossroad between international, regional and domestic law

Bocconi University, 13-14 June 2019. Online registration necessary.

Würzburger Europarechtstage “Die EU zwischen Niedergang und Neugründung: Wege aus der Polykrise”

University of Würzburg, 19-20 July 2019. Deadline for (free) registration: 11 July 2019.

3rd EDEN Conference “Paradise Lost? Policing in the Age of Data Protection”

Copenhagen, 19-20 September 2019. Deadline for early bird (paid) registration: 19 July 2019.

Conference “Towards European Criminal Procedural Law”

University of Nantes, 6-7 February 2020. Deadline for abstract submissions: 15 September 2019.

Neues aus dem Elfenbeinturm: April 2019

US – EU Environmental Law Colloquium

Rome, 30 May 2019. Registration necessary.

Conference  From Tampere 20 to Tampere 2.0: Towards a new programme (2020-2024) for EU migration and asylum policies 20 years after the Tampere conclusions?

Helsinki, 24-25 October 2019. Deadline for submissions: 10 May 2019.

5th Annual TAU Workshop for Junior Scholars in Law – Rethinking Law and Boundaries

Buchmann Faculty of Law, Tel Aviv, 17 November 2019. Deadline for abstract submissions: 10 May 2019.

4th European Privacy Law Scholars Conference

University of Amsterdam, 24-25 October 2019. Deadline for abstract submissions: 23 May 2019.

Workshop on Feminist Data Protection

Berlin, 20 November 2019. Deadline for abstract submissions: 15 June 2019.

Academy of European Public Law

Athens/Sounion, 26 August-14 September 2019. Deadline for applications: 29 June 2019.

XXIX FIDE Congress 2020

The Hague, 20-23 May 2020. Registration opens in summer 2019.

2019 Odysseus Summer School on EU Immigration and Asylum Law and Policy

Brussels, 1-12 July 2019.

Association of American Law Schools Annual Meeting – European Law Section Works in Progress Panel

Washington, 2-5 January 2020. Deadline for abstract submissions: 1 August 2019.

Will Deliveroo and Uber be captured by the proposed EU platform Regulation? You’d better watch out…

By Pieter van Cleynenbreugel

Online platforms have become major economic players over the past decade. It is not surprising, therefore, that their business practices have captured the European Union’s attention. This attention resulted in a 2018 proposal for a Regulation on transparency and equity in relationships with online platforms, a political agreement on which has been reached between the Commission, Council and European Parliament on 13 February 2019 (see for the press release, http://europa.eu/rapid/press-release_IP-19-1168_en.htm). It is very likely that this Regulation will be adopted before the European Parliament elections of this year. Even though it may seem premature to comment on the Regulation’s content in an in-depth way (the final negotiations and fine-tuning are still in progress at this time), this contribution would like to flag an important gap that has seemingly withstood scrutiny so far. That gap concerns the fact that the proposed Regulation apparently – seemingly unintentionally – would not apply to ‘underlying service-attached intermediation activities’ offered by platforms such as Uber and Deliveroo. This is most surprising, as the Commission clearly wants them to fall within the scope of that Regulation (according to its press release mentioned above, the new instrument is to apply to ‘the entire online platform economy’ if and when adopted). This contribution uncovers that gap and proposes a way to close it. Continue reading

European Data Protection and Freedom of Expression After Buivids: An Increasingly Significant Tension

By David Erdos

On 14 February the Court of Justice of the EU (CJEU) handed down its decision in Buivids, a case which pitted an amateur individual online publisher against the Latvian Data Protection Authority (DPA).  This important case raises fundamental questions concerning the scope of European data protection, the ambit of the personal/household exemption, the legal definition of journalism and the role of data protection as regards to this and also related academic, artistic and literary expression.  The Court’s answers to these questions highlight the close and tense interface between European data protection and freedom of expression.  At the same time, they provide only relatively limited insight as to how the serious tension between data protection, special expression and freedom of expression more broadly should be resolved.  What they do suggest, however, is that not only national legislators but also courts and regulators have active and important roles toplay within this space.  The full implications of this, as well as further guidance on how to balance data protection and special expression, should be provided in the forthcoming case of Stunt which will require the Court to consider whether national courts should disapply the ban on pre-publication injunctions against special expression processing which is set out in UK data protection legislation.  In addition, Grand Chamber CJEU judgments on internet search engines and data protection are awaited both in relation to sensitive data and the geographical reach of any remedy here.  In sum, slowly but surely, an albeit messy corpus of European jurisprudence on data protection and freedom of expression is in the process of gestation. Continue reading

Neues aus dem Elfenbeinturm: January 2019

Conference “La coopération opérationnelle en droit pénal de l’Union européenne”

University of Nantes, 1 February 2019. Deadline for registration: 25 January 2019.

Workshop “Re-conceptualizing Authority and Legitimacy in the EU: New Architectures and Procedures to Reconnect the Union with its Citizens”

LUISS Guido Carli, 1 February 2019. Deadline for registration: 28 January 2019.

Conference “EU Law, Trade Agreements, and Dispute Resolution Mechanisms: Contemporary Challenges”

King’s College London, 21-22 March 2019. Deadline for abstract submissions: 10 February 2019.

Conference “Exit! Il recesso dai trattati multilaterali”

University of Milan, 1 April 2019. Deadline for abstract submissions: 11 February 2019.

Conference “The fight against impunity in EU law”

University of Turin, 14-15 February 2019.

Conference “Constitutional Challenges in the Algorithmic Society”

EUI/University of Florence, 9-11 May 2019. Deadline for abstract submissions: 15 February 2019.

Doctoral Workshop/Seminar “The Rule of Law”

University of Milan, 4-5 July 2019. Deadline for abstract submissions: 10 March 2019.

The Pilatus Bank scandal: time to reconsider banking supervision, anti-money laundering and whistle-blower’s protection in the EU

By Dimitrios Kafteranis

On Monday 23 April 2018, the European Commission released its proposal on the protection of persons reporting on breaches of Union law. The proposal of the European Commission comes after pressure of the European Parliament and other organisations calling for a coherent protection of whistle-blowers at the EU level. This pressure results partially from different scandals that were revealed by whistle-blowers such as Panama Papers or the case of the Pilatus Bank in Malta. The Commission’s proposal aims to set common minimum standards to protect whistle-blowers when they report breaches of EU law. It has several legal bases and covers a wide-range of EU areas such as consumer protection, financial services and the protection of privacy and data. The reporting procedure follows the ‘classic’ three-tier model for whistle-blowing, that is reporting firstly internally, then to the designated authorities and as a last solution to the public. The text is innovative in the sense that it proposes a wide definition of the whistle-blower ranging from trainees to ex-employees. The European Commission regards whistle-blowing as an enforcement tool for the prevention, detection and prosecution of illegalities affecting EU law.

For the future, it is compelling to pursue the negotiations between the two co-legislators of the EU (European Parliament and Council) in order to follow the challenges on the question of whistle-blowing at the national and European level. These negotiations could take many years. This post aims to introduce the reader to the proposal for a Directive on the protection of whistle-blowers by cross-referring to the case of the Pilatus Bank where a journalist and a whistle-blower are involved. The purpose is to highlight that there is a need for an EU Directive on the protection of whistle-blowers and to demonstrate that the proposed EU Directive would have better protected the Pilatus Bank whistle-blower. Furthermore, this contribution will demonstrate the problematic nature of money laundering and banking supervision at the EU level. Following the creation of the Banking Union, the interconnectivity of banks is a fact and a problem in one country can create a domino effect to the others. For example, the Pilatus Bank scandal does not only concern Malta but the European banking system as a whole. Continue reading

The European Commission’s E-evidence Proposal: Toward an EU-wide Obligation for Service Providers to Cooperate with Law Enforcement?

By Vanessa Franssen

On 17 April 2018 the European Commission published its long awaited legislative proposal on e-evidence. This proposal – which actually consists of two strongly interconnected proposals, a Proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters (‘Proposed Regulation’) and a Proposal for a directive laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings (‘Proposed Directive’) – is probably the first one in the field of criminal justice cooperation that the Council of the EU urged the Commission to put forward. Indeed, while the Member States are usually quite reluctant to give up sovereignty and to accept EU approximating rules in the field of criminal law, a number of Member States strongly pushed for a legislative intervention by the EU.

This is not entirely surprising: due to the increased use of all kinds of online services and information and communication technologies (ICTs), police and judicial authorities are confronted on a daily basis with the problem to collect electronic evidence, as the data they are looking for are often processed, transmitted and/or stored by foreign service providers, including big global technology companies such as Google, Facebook, Microsoft or Amazon. To compel a foreign person to cooperate in a criminal investigation is not obvious – the enforcement jurisdiction of police and judicial authorities is, in principle, limited to their own national territory.

This post will present the highlights of the double e-evidence proposal that is on the table and the first reactions to the proposals, at a moment where the institutional negotiations are picking up speed. Continue reading

Reconsidering the blanket-data-retention-taboo, for human rights’ sake?

Belgian Constitutional Court offers CJEU chance to explain its puzzling Tele2 Sverige AB-decision

By Frank Verbruggen, Sofie Royer, and Helena Severijns

Compulsory retention, by ICT-providers, of all non-content user and traffic data, to ensure that that data will be available for subsequent use by law enforcement or intelligence, has been a controversial issue in the EU for several years now. On 19 July 2018 the Belgian Constitutional Court requested a preliminary ruling from the CJEU. Basically, it asks the EU Court to further clarify its earlier case law. The Belgian constitutional judges indicate that they find some aspects of the CJEU’s previous decisions puzzling and they also offer a new angle by explicitly linking the matter to the positive obligations of member states under the European Convention on Human Rights. The implied suggestion seems that the CJEU did not give those obligations enough weight when it found blanket data retention obligations disproportionate.   Continue reading

A FRAGMENTATION OF EU/ECHR LAW ON MASS SURVEILLANCE: INITIAL THOUGHTS ON THE BIG BROTHER WATCH JUDGMENT

By Theodore Christakis

Last week, the European Court of Human Rights (ECtHR) issued an important, highly anticipated judgment, condemning the United Kingdom for its mass surveillance program.

Following Edward Snowden’s revelations regarding the United States-United Kingdom intelligence surveillance and intelligence sharing programme, 16 organizations and individuals (including the NGO Big Brother Watch) filed an application against the United Kingdom before the ECtHR. The 212page-long judgment published on September 13, 2018 is rich and deals with a great variety of important issues. Several among them are directly linked to some major legal questions examined in the past by the Court of Justice of the European Union (CJEU) or currently pending before it – not to mention the ongoing debate about whether the EU-US data transfer agreement known as Privacy Shield provides an “adequate level of protection”. The objective of this piece is to provide some first thoughts focusing on the strategic place of this judgment in the European legal landscape. Continue reading

Another Turn of the Screw? The ‘Facebook Fanpages’ judgment

By Orla Lynskey

Introduction

The data protection practices of social networking giant Facebook have been the subject of much regulatory and public scrutiny in recent months, from the Cambridge Analytica saga to the allegation that Facebook’s consent mechanism is not GDPR-compliant and its terms of service constitute an abuse of dominance. The recent judgment of the Grand Chamber of the CJEU is therefore likely to add to Facebook’s data protection woes, by increasing the pressure on it to reconsider the data processing practices that underpin its business model. Continue reading

Neues aus dem Elfenbeinturm: April 2018

Conference “Sovereigns and citizens in the Brexit bargain: Do rights count?” (Prof. Takis Tridimas)

Université de Liège, Amphithéâtre Portalis, 23 April 2018 (15:30-16:30).

Summer School “Parliamentary Accountability and New Technologies: Transparency, Privacy and Security Challenges”

LUISS Guido Carli University, Rome, 9-20 July 2018. Deadline for applications: 29 April 2018.

Call for papers: Edited Volume “Legal Impact Assessment of Brexit”

Deadline for submissions: 9 May 2018.

Workshop “The International Legality of Economic Activities in Occupied Territories”

T.M.C. Asser Institute, The Hague, 17 October 2018. Deadline for abstract submissions: 15 May 2018.

Conference “Procedural rights in criminal proceedings in the EU”

Universities of Utrecht, Leiden and Maastricht, 13-14 September 2018. Deadline for applications: 15 May 2018.

Conference “Human Rights Laws at a Crossroads: What Directions after Brexit?”

University of Leicester, 25 May 2018. (Free) registration necessary.

Workshop “Constitutional Protection of Minorities – Comparing Concepts, Models and Experiences in Asia and in Europe

University of Trento, 4-5 May 2018. Registration necessary.

Summer School “Comparing Constitutional Adjudication – Islam in Constitutional Adjudication in Europe”

Dimaro, Italy, 30 July-3 August 2018. Deadline for applications: 26 April 2018.

Seminar “The Western Sahara Campaign Case”

Queen Mary University of London, 3 May 2018. Registration necessary.

Neues aus dem Elfenbeinturm: January 2018

Call for papers: Workshop “Information Sharing and European Agencies: Novel Frontiers”

European University Institute, 23 May 2018. Deadline for submissions: 15 February 2018.

Call for Papers: “Challenges to EU Law and Governance in the Member States”

European University Institute, 8 June 2018. Deadline for submissions: 18 February.

Call for papers: Special Issue “Revisiting WTO’s Role in Global Governance”

Trade, Law and Development. Deadline for submissions: 28 February 2018.

Call for Papers: PhD Colloquium “Regulating New Technologies in Uncertain Times”

Tilburg University, 14 June 2018. Deadline for submissions: 28 February 2018.

Call for Papers: “Geography and Legal Culture on the International Bench”

Leiden University, The Hague Campus, 17-18 May 2018. Deadline for submissions: 28 February 2018.