Article 83 of the GDPR provides for two levels of administrative fines: a lower level – maximum of €10 million or 2% of the global turnover – for violations relating to record-keeping, data security, data protection impact assessments, data protection by design and default, and data processing agreements; and a higher level – maximum of €20 million or 4% of … Continue Reading
Only two weeks ago, the Federal Court of Justice (BGH) referred various questions to the Court of Justice of the European Union (CJEU) concerning the liability of the video platform YouTube. There, the court’s queries focused on who is actually responsible for unlawfully uploaded content – just the uploader himself or the service provider as … Continue Reading
Ever since the European Court of Justice (CJEU) in its highly regarded UsedSoft ruling declared the resale of “used” software admissible (dated 3 July 2012, C-128/11), the discussion has persistently centered around the question whether the idea of the so-called exhaustion, upon which UsedSoft is essentially based, could or should be extended to other digital content – such as … Continue Reading
|The famous case brought by Maximilian Schrems against Facebook Ireland in Austria, aimed to become an international and large data protection class action, led on 25 January 2018 to a ruling from the CJEU on two main points:
On 29 November 2017, the European Court of Justice (CJEU) handed down a decision on a video recording service that stores TV programmes online in a cloud (C-265/16 – VCAST). According to the Court, the cloud recording service has a dual function that enables its users to create reproductions on the one hand but also makes copyright protected … Continue Reading
With decision of 8 May 2017, the regional Court of Berlin referred to questions for preliminary ruling to the Court of Justice of the European Union (CJEU). The court is concerned whether the rules on the press publishers’ neighbouring right – as implemented into German copyright law in 2013 – were properly enacted back then. Specifically, the judges wish to … Continue Reading
There is no end in sight regarding CJEU decisions on the meaning of “communication to the public“. On 26 April 2017, the European Court of Justice (CJEU) ruled (C-527/15 – Filmspeler) that the sale of a multimedia player with pre-installed add-ons that contained links to illegal streaming websites constitutes a copyright infringement. At the same time, … Continue Reading
The cases that deal with the meaning of “communication to the public” continue: in a current reference for a preliminary ruling, the European Court of Justice (CJEU) will have to decide whether the operators of websites that index content available on peer-to-peer (P2P) networks, such as The Pirate Bay, infringe copyright when there is no actual content … Continue Reading
In yet another key case dealing with the balance between citizens’ privacy and the ability of the state to intrude into it, the Court of Justice of the European Union (CJEU) has ruled on the compatibility with European Union law of legislation that authorises the retention of communications data, which includes personal data. The reference from the UK Court of … Continue Reading
Is it permitted to reproduce out-of-commerce works and make them publicly accessible under European copyright exceptions? So far, there is no explicit regulation at European level dealing with out-of-commerce works. However, a few member states, including Germany, have already complemented their copyright by way of introduction of new provisions governing the use that one can make of out-of-stock works. In … Continue Reading
Ever since the first draft of the EU-US Privacy Shield framework was published in early 2016, groups opposed to the idea have indicated their intent to challenge the legality of the framework under EU law. Recently, the privacy advocacy group Digital Rights Ireland (DRI) made good on that promise. Following the filing of a formal complaint on 15 September asking … Continue Reading
On 10 November 2016, the European Court of Justice (CJEU) rendered a landmark decision on the lending of e-books. Public libraries may rely on statutory copyright exceptions when lending out e-books and are not required to obtain a contractual license explicitly covering such e-lending right. With its decision, the CJEU applies the same legal principles to e-books that already govern … Continue Reading
The Court of Justice of the European Union (CJEU) has ruled that dynamic IP addresses are capable of constituting personal data under certain circumstances, ending years of speculation about whether such essential building blocks of the Internet qualified for protection under the EU Data Protection Directive.
In Patrick Breyer v Bundesrepublik Deutschland, the German Federal Court referred two questions … Continue Reading
Guests entering hotel rooms expect to be able to turn on the TV or listen to the radio. Accordingly, TVs and radios feature in almost any hotel room around the world. However, this commodity has been the trigger for numerous legal disputes in recent years. As always, the quarrel is about money.
In this post we look at proceedings which … Continue Reading
So far, September has been a busy month in Luxembourg. On 8 September 2016, the Court of Justice of the European Union (CJEU) handed down a ground-breaking judgment on hyperlinking (Case Ref.: C-160/15 – GS Media, see our earlier post). On 15 September 2016, this equally important verdict followed (Case Ref.: C-484/14 – McFadden). The judges had … Continue Reading
On 12 July 2016, the European Commission issued its much awaited “adequacy decision” concerning the Privacy Shield framework for the transfer of personal data from the EU to the U.S. This adequacy decision is based on the latest version of the Privacy Shield, which was further negotiated and revised following the Article 29 Working Party’s April 2016 concerns with … Continue Reading
Will the lending of e-books be governed by the same rules as the lending of “classic” printed books? This is an important question that public libraries and others are eagerly trying to get answered in Europe. The Court of Justice of the European Union (CJEU) currently is sitting over a case that deals with exactly this query. At the heart … Continue Reading
On 31 May 2016, the European Court of Justice (CJEU) handed down a long awaited decision regarding the interpretation of the term “communication to the public” (Case Ref. C-117/15). Over recent years, the interpretation of this term has been heavily under discussion. It was subject-matter of various lawsuits in many Member States as well as before the … Continue Reading
One of Harry Houdini’s most difficult tricks consisted of escaping from a nail-fastened and rope-bound wooden crate with manacles on his hands and feet, while submerged in New York’s East River. That feat is starting to look straightforward when compared to the prospect of lawfully exporting personal data out of the European Union. The restrictions on transfers of data to … Continue Reading
Unlike EU ‘directives’, EU ‘regulations’ are by nature directly effective in EU Member States and so do not require further implementation into national laws. Previously, European data protection law was governed by the Data Protection Directive. It was the responsibility of Member States to implement the Data Protection Directive into their national law. When … Continue Reading
Unveiled February 29, 2016, the new EU-U.S. Privacy Shield attempts to address the shortcomings of the Safe Harbor arrangement identified originally by the European Commission and later by the Court of Justice of the European Union (CJEU) in its Schrems decision. The Privacy Shield proposes improved data protection principles, better enforcement by the US Department of Commerce and the Federal … Continue Reading
Hyperlinks are yet again on the Court of Justice of the European Union’s (CJEU) agenda. Whilst in 2014, the decision Svensson (C-466/12) and BestWater International (C-348/13) set path-breaking precedent, the current matter GS Media (C-160/15) promises to fill those gaps that remained after the first two judgments.
On 7 April 2016, it was for … Continue Reading
In a thorough legal analysis of the EU-U.S. Privacy Shield framework, a report from Hogan Lovells says the framework would stand up in the Court of Justice of the European Union (CJEU), and that the true level of data protection afforded by the Privacy Shield framework will only be demonstrated by its functioning and the practices of its participants.
The … Continue Reading
Free Wi-Fi is an achievement for the community, particularly if it is also password-free. However, in numerous European countries service providers are reluctant to offer free Wi-Fi as they fear the consequences of being made liable for infringements the Internet users might commit whilst being online. The Court of Justice of the European Union is currently sitting over a case … Continue Reading