Category: Data protection and digital governance

Advocate General wants libraries to lend e-books (Opinion of AG Szpunar in C- 174/15, Vereniging Openbare Bibliotheken)

By Bernd Justin Jütte

On 16 June 2016 Advocate Geneal (AG) Szpunar, who recently is very active in the field of European copyright (see also on this blog here), published his Opinion in Vereniging Openbare Bibliotheken v Stichting Leenrecht. The case deals with the question whether public libraries are entitled to lend electronic versions of books (e-books) and, if so, under which conditions. The AG takes a favourable position regarding the lending of e-books under the Rental and Lending Rights Directive (Directive 2006/115/EC). Yet, what is more interesting than the actual outcome of his opinion is his very daring argumentation to treat e-books and printed books alike for the purpose of the said Directive. The opinion, if followed by the Court of Justice (CJEU), could also have an influence on the interpretation of the Information Society Directive (Directive 2001/29/EC) and more far-reaching questions of digital exhaustion.

It is quite noteworthy that AG Szpunar highlights in a rather long introduction the important role of libraries and their difficulties to adapt to the changing circumstances of book consumption. He identifies the case as one which would enable the Court “to help libraries not only to survive, but also to flourish.” (para. 1) This, so the AG, would be possible by answering the question whether libraries are allowed to lend e-books. Continue reading

Limited liability for free Wi-Fi access (Case C-484/14, Mc Fadden v Sony Music)

By Justin Jütte

The civil liability of intermediary service providers remains a hotly debated topic in EU law, especially in relation to infringement of intellectual property rights (IPRs). Whereas the Information Society Directive (Directive 2001/29/EC), as well the IP Enforcement Directive (2004/48/EC) provide that owners of IPRs can, in principle, request injunctions against intermediaries, the E-Commerce Directive (Directive 2000/31/EC) exempts certain intermediaries from indirect liability under certain, well defined circumstances. The present case raises questions as to the scope and interpretation of Article 12 of the E-Commerce Directive, in particular with regard to fundamental rights. Concretely, the referring court in Tobias Mc Fadden v Sony Music Entertainment Germany GmbH asks under which circumstances and to what extent operators of publicly accessible Wi-Fi networks can be held liable for infringements of works protected by copyright, and what type of injunctions can be ordered against such operators.

Continue reading

In the Shadows of the Data Protection Juggernaut: Bara and Weltimmo

By Orla Lynskey

Data protection policy, in particular the right to protection of personal data in Article 8 of the EU Charter, has remained firmly within the EU law limelight in recent years. This right played a key role in seminal judgments of the CJEU such as Schecke and Eifert, where for the first time a provision of secondary legislation was annulled for incompatibility with the Charter, and in Digital Rights Ireland (discussed earlier on this blog), where for the first time an entire Directive was annulled on the same grounds. Furthermore, in Google Spain (considered here) this fledgling right was ostensibly given precedence over the more established right to freedom of expression in certain circumstances, leading to a media furore on both sides of the Atlantic. 2015 was no different in this regard as much attention focused on the Court’s judgment in Schrems (discussed here), which invalidated the 15 year old Safe Harbor data sharing agreement between the EU and the US, and on the culmination of four years of negotiation on the new Proposed General Data Protection Regulation in December.

For good or for bad, the EU data protection juggernaut appears unstoppable, leaving in its wake legal instruments that do not meet its strict standards. Yet, in the shadows of these well-documented events, other noteworthy developments occurred. 2015 also saw the Dutch referring court withdraw its preliminary reference in Rease and Wullems, thereby regrettably removing the opportunity for the CJEU to pronounce upon the margin of discretion of national Data Protection Authorities (DPAs) when adopting a de minimis approach to their enforcement strategy to the detriment of individual or small group complainants. The Court did, however, deliver a number of largely overlooked yet significant data protection judgments in 2015. This contribution will focus on two significant cases which the CJEU delivered in the first week of October, immediately prior to the Schrems judgment, in Bara and Weltimmo. These preliminary references allowed the Court to clarify the interpretation of obligations and exemptions under the Data Protection Directive, as well as the Directive’s enforcement in online situations. Continue reading

Top ten most read posts of 2015

By the editors

As is becoming a tradition with our blog (albeit a bit late this year), we present to you our top 10 most read posts of the last year. We have had another good year of blogging behind us: more readers contributing to the content of the blog with 33 posters coming from approximately 14 different countries this year. Equally important is that readership is steadily increasing according to Google Analytics (plus: we now have almost 1600 email subscribers and 2400 followers on twitter). Most of you are from the UK, followed by the Netherlands, Belgium, Germany, the United States, Italy, Sweden, France, Ireland and Poland, respectively.

Keeping in mind that there is a certain bias in favour of older posts which have had more time to become popular, this is the 2015 list of most read posts of the year: Continue reading

Public access to documents: effective rear guard to a transparent EU?

By Elinor Pecsteen

Recently, journalists from all EU member states raised, for the first time ever, a joint voice before the Court of Justice of the European Union (CJEU) against the refusal of the European Parliament (EP) to give access, on grounds of personal data protection, to information on how MEPs spend their allowances.

This development is no surprise as the endeavour by individuals and non-governmental organisations alike to hold the EU to its democratic imperative of openness and transparency has been a clearly increasing tendency over the years. However, meeting the expectations of the civil society is not always an easy task for the EU institutions, which must keep a fair balance between transparency and the protection of an individual’s privacy and integrity throughout their processes.

This balance has become essential in the present context of increasing numbers of requests for public access to EU institutions documents containing personal data. Yet, the question remains unclear as to when it is legitimate for an institution to refuse access to documents on the ground of personal data protection.

The following post attempts to shed some light on this question by discussing two recent CJEU judgments whose common threads allow for some interesting consistency to be found in the Court’s logic. On the basis of these judgments, it would seem that for the Court, the use of personal data protection as a justification for refusing requests for access to documents should be restricted. Such requests are essential to increase the confidence of citizens in the EU and require that, provided the conditions are fulfilled, full access be given to the institutions’ documents, personal data included. The Court specifies that the context of public mistrust in the EU and the potential dual role of its decision-makers must weigh in the institutions’ assessment of the conditions. Continue reading

Schrems vs. Data Protection Commissioner: a slap on the wrist for the Commission and new powers for data protection authorities

By Fanny Coudert

On 6th of October, in Schrems vs. Data Protection Commissioner, the CJEU, following the controversial Opinion of AG Bot, put an end to the specific regime regulating data flows to the US. The 4600 US companies using this agreement are now forced to rethink how to ensure the continuity of the protection when data are transferred from EU to the US. In this milestone ruling, the Court also reaffirmed the key role played by national Data Protection Authorities (DPAs) in the European system of data protection, and clarified the different competences of the European Commission, the DPAs and the courts –including the ECJ- in assessing the adequate level of protection offered by a third country. Continue reading

Neues aus dem Elfenbeinturm: September 2015

Conference “The European Union as an Actor in International Economic Law”

University of Luxembourg, 1-2 October 2015. Deadline for registration: 30 September 2015.

Conference “Criminal Justice: Jurisprudence of the European Court of Justice – Today and Future”

Court of Justice of the European Union, 2-3 October 2015. (Paid) registration required.

Inaugural CMLRev Conference “Membership of the Union and Membership of the Euro”

University of Liverpool, 9 October 2015. (Free) registration required.

Workshop “Mutual Legal Assistance in the Digital Age: Problems, Challenges, Solutions for Criminal Justice”

University of Luxembourg, 15 October 2015. (Free) registration required.

Workshop “A balanced data protection in the EU: conflicts and possible solutions”

UM Campus Brussels, University of Maastricht, 19 October 2015. (Paid) registration required.

Conference “Migration Policy in the European Union – Current Challenges and Future Developments”

University of Luxembourg, 22-23 October 2015.

Call for submissions for the 2016 edition of the Hibernian Law Journal

Deadline for submissions: 31 October 2015.

EIUC Training for International Electoral Observers

Monastery of San Nicolò, 23-28 November 2015. Deadline for application: 30 October 2015.

Workshop “Victims in Europe – Needs, Rights, Perspectives”

University of Luxembourg, 16 November 2015.

Colloquium “The Environment in Court – Environmental Protection in National and International Courts, Tribunals, and Compliance Mechanisms”

PluriCourts, University of Oslo, 20-25 June 2016. Deadline for abstract submissions: 15 January 2016.

Neues aus dem Elfenbeinturm: June 2015

Summer Academy in Global Food Law and Policy

Bilbao, 20-24 July 2015. Deadline for application: 18 June 2015.

Conference “Constructive Links or Dangerous Liaisons? The Case of Public International Law and European Union Law”

Queen Mary University of London, 25-26 June 2015. Registration open.

Critical Legal Conference 2015 “Law, Space and the Political”

University of Wroclaw, 3-5 September 2015. Deadline for paper proposal submission: 30 June 2015.

Call for Papers “5es Journées des Doctorants du Centre de Droit des Migrations”

Muntelier-Leuwenberg, Universities of Bern/Fribourg/Neuchâtel, 26-27 November 2015. Deadline for abstract submissions: 19 August 2015.

Call for Papers for the PhD Forum “Law and Governance in the Digital Era”

University of Amsterdam, 20 November 2015. Deadline for abstract submissions: 4 September 2015.