…ns that the various parties can express their positions. The Court may ask questions in connection with the preliminary ruling. Sometimes, these questions already show a tendency for a subsequent judgment. The request for a preliminary ruling from Sweden is particularly relevant for Germany, where recently a new data retention law has been adopted by the Parliament. In the reasoning of the new law, „Law establishing a storage requirement and…
…n Union (Ireland). Therefore there exists no risk in the present case that natural persons affected by the contested data processing operation could be deprived of the protection offered by Directive 95/46/EC. The question in this case only was which national data protection law (within the scope of Directive 95/46/EC) would apply. According to the court, in the case of such a conflict of data protection laws of Member States, the law of the count…
…country in fact to ensure a level of protection of fundamental rights and freedoms that is essentially equivalent to that guaranteed within the European Union. According to the Commission, this means that it is not necessary for the third country in question to have data protection rules which are a “photocopy” of the EU system. It is especially not necessary that each individual provision in European data protection law is reflected in the third…
…Inc. uses Cookies to process personal data of German users. In accordance with the view taken by the Art. 29 Working Party (WP 179, p. 21), the Court considers the placing of Cookies on the PC of a user and the processing of personal data via these Cookies as „making use of equipment“. In a next step the Court examines, if perhaps nevertheless the relevant establishment for the processing of personal data could in fact be Facebook Ire…
…n obligations under the GDPR. The DPAs point to Art. 5 para 2 GDPR and for example the obligation in Art. 24 para 1 GDPR, according to which the controller must be able to demonstrate that processing is performed in accordance with the GDPR. In the second paper the DPAs shed some light on their interpretation of Art. 58 and Art. 83 GDPR. The DPAs explain that besides making use of an investigative or corrective power according to Art. 58 GDPR, the…
…n initiated, but is not yet completed. The Commissioner is also in contact with Google. In the past, the Data Protection Authority of Hamburg negotiated a solution for website operators in Hamburg to lawfully use Google Analytics. This solution was also acknowledged by the other German Data Protection Authorities. In the view of the authorities, the implementation of the tool required the following measures: Conclusion of a data processing agreeme…
…onenbezogenen Daten ein, schmälert aber zugleich den Anwendungsbereich der free flow Verordnung. In Art. 1a der Verordnung wird dann die ebenso wichtige Frage der gemischten Datensätze angesprochen, also Datensätze, die sowohl personenbezogene als auch nicht personenbezogene Daten enthalten. Eigentlich würden wohl die Meinungen im Datenschutzrecht in einer solchen Situation ohne viel Diskussion vom Vorliegen personenbezogener Daten in Gänze ausgeh…
…eady mentioned this position only forms the lowest common denominator and is not binding. Views in the different federal states may therefore differ. To recall one of the central points of the CJEU’s decision, Data Protection Authorities are responsible for monitoring, with complete independence, compliance with EU rules on the protection of individuals with regard to the processing of such data. It can therefore not be ruled out that we might see…
…ns (UN/ECE) – Uniform provisions concerning the approval of vehicles with regard to steering equipment) is currently under way. In its draft law, the Federal Government is assuming that the required blackbox in vehicles with automated systems will entail higher production costs. The draft law is characterized as particularly urgent by the Federal Government. The intention is certainly to pass the final law in the coming months, before the fe…
…he European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), COM(2012) 11 final, 25.1.2012 2) European Parliament LIBE Committee, Report on a comprehensive approach on personal data protection in the European Union, A7-0244/2011, 22.6.2011 European Parliament resolution of 6 July 2011 on a comprehensive approach…