scholarly journals A Reality Check of the Schrems Saga

2021 ◽  
Vol 4 (2) ◽  
pp. 48-65
Author(s):  
Claes G. Granmar
Keyword(s):  
Data Protection ◽  
Private International Law ◽  
Eu Law ◽  
Systematic Analysis ◽  
Eu Member States ◽  
Adequate Level ◽  
First Case ◽  
The Us ◽  
Data Subject ◽  
The Eu

From an enforcement point of view, the revocation of the European Commission’s two adequacy decisions on the federal US system of data protection raises many questions regarding the interrelations between the EU data protection regime and the Union’s legal frameworks for data ‘transfers’. Whereas data uploaded in the Union was once upon a time wired over the Atlantic to be downloaded in the US and vice versa, data packets are nowadays often exchanged over various radio spectra. As online resources around the world can be used to store data, and the data is made available and retrieved from domains rather than ‘exported’ and ‘imported’, the idea that the EU data protection regime would no longer apply when data is ‘transferred’ from the Union easily leads astray. In fact, the location of data or data processing equipment is irrelevant for the applicability of EU law as its territorial scope is determined by the location of the data subjects or undertakings concerned. Whereas the EU legislation applies with regard to legal entities overseas with affiliated undertakings in the Union, the Union seeks to guarantee the EU data subjects an adequate level of protection also in cases of onward transfers of data to non-affiliated organisations and unwarranted interceptions. Furthermore, the European Commission promotes a level of protection in non-EU Member States that is essentially equivalent to that enjoyed under the EU data protection regime since the authorities and courts may refrain from applying EU law pursuant to private international law. However, the Cases which resulted in the revocation of the two adequacy decisions concerned an Austrian citizen filing complaints against an undertaking established in Ireland and its US parent company. Hence, it must be called into question whether the EU data protection regime should at all have been substituted by the US system irrespective of whether it provided an adequate level of data protection. An argument could be made that the adequacy decisions applied beyond the substantive scope of EU law, but that brings questions to fore about the competence of the Union to adopt such decisions. In addition, the procedural system introduced in the first Case regarding Mr. Schrems is rather problematic as it requires national authorities and courts to assess the validity of adequacy decisions. Besides the distortion of the right for national courts to request preliminary rulings into an obligation to do so, most data subject are reluctant to get involved in disputes about the entire legal regime. In many instances, the data subject may rather rely on her or his procedural rights as a consumer. In this article, a systematic analysis of these aspects of the EU privacy safeguards is provided. 

Safeguarding Individuals in the Data-driven Economy—EU Data Protection Framework in a Nutshell

2021 ◽  
pp. 16-47
Author(s):  
Helena U. Vrabec
Keyword(s):  
Big Data ◽  
Data Protection ◽  
The Body ◽  
Data Driven ◽  
Eu Law ◽  
Member States ◽  
Eu Member States ◽  
Individual Protection ◽  
Specific Manifestation ◽  
The Eu

Chapter 2 shows that EU law protects individuals and their data through several provisions of primary and secondary law, which, in many aspects, complement each other. EU primary law refers to the body of treaties which represent the agreement of the EU Member States and form the foundation of the EU. EU secondary law is a specific manifestation of more general fundamental principles of EU law. It comprises unilateral acts such as regulations and directives that enable the EU to exercise its powers. Recognising that the body of law that adds to individual protection in the big-data age has been evolving, the chapter provides an analysis of the most relevant parts of the primary and secondary legislation.

Data protection and law enforcement access to digital evidence: resolving the reciprocal conflicts between EU and US law

2020 ◽  
Vol 28 (2) ◽  
pp. 167-184
Author(s):  
Jessica Shurson
Keyword(s):  
Cloud Computing ◽  
Law Enforcement ◽  
Data Protection ◽  
Service Providers ◽  
Digital Evidence ◽  
Foreign Service ◽  
Eu Member States ◽  
The Us ◽  
The Eu ◽  
Legal Processes

Abstract The rise in cloud computing has highlighted two separate, and often conflicting, needs for states—the need to protect the data of their citizens and the need of law enforcement authorities (LEAs) to access this data as evidence, often stored by service providers across borders. Both the US and European Union (EU) Member States have asserted that their domestic legal processes are adequate to require disclosure of data that may be held overseas or controlled by a foreign service provider. Yet, both the US and the EU have data protection statutes that will potentially block the transfer of data to foreign LEAs pursuant to these domestic legal processes. This article explores these reciprocal conflicts, considers how they may be resolved, and raises new questions about potential conflicts for UK LEAs in light of the UK’s withdrawal from the EU in 2020.

scholarly journals INTERNATIONAL LAW ASPECTS OF GERMAN COPYRIGHT LAW (GCL)

2017 ◽  
Vol 3 (4) ◽  
pp. 93-98
Author(s):  
Юрий Юмашев ◽  
Yuriy Yumashev ◽  
Елена Постникова ◽  
Elena Postnikova
Keyword(s):  
Intellectual Property ◽  
International Law ◽  
Legal Regulation ◽  
Copyright Law ◽  
World Intellectual Property Organization ◽  
The Internet ◽  
Private International Law ◽  
Member States ◽  
Eu Member States ◽  
The Eu

The article deals with international law aspects of the GCL. To this aim firstly the international conventions on copyright law are analyzed, in particular: the Berne Convention for the Protection of Literary and Artistic Works in the wording of the Paris Act of 1971, the Convention on the Establishment of the World Intellectual Property Organization of 1967, the Convention for the Protection of Performers, Producers of Phonograms and Broadcasting Organizations of 1961 and Aspects of intellectual property rights (TRIPS) 1994. There is also an analysis of the EU copyright law in terms of its correlation with the law of the EU member-states and an assessment of its evolution. It is emphasized that the core fact of origin of authorship is determined on the basis of the national legislation of the Member-States. Special attention is paid to the scope of the “principle of exhausted rights”. The article also touches upon the aspect of private international law. Particular attention is paid to the legal regulation of the Internet, including Internet providers, and its impact on the formation of the GCL. The problem of combating Internet piracy is also raised, as copyright infringement often occurs in relation to works published online. In addition, the article revealed what changes were made to the GCL to comply with EU law (including secondary law acts and the practice of the EU Court). The result of the study is, among other things, the conclusion that special legal mechanisms should be developed to regulate new forms of selling works that have emerged as a result of technological progress and in the near future the Internet will undoubtedly form ways for the further development of the GCL. However, this process can negatively affect the leading role of the author as a creative person.

Data Protection in EU Law After Lisbon

2019 ◽  
pp. 73-99
Author(s):  
Maria Tzanou
Keyword(s):  
Data Protection ◽  
Critical Comment ◽  
Lisbon Treaty ◽  
New Right ◽  
Eu Law ◽  
Court Of Justice ◽  
Comprehensive Data ◽  
Right To Be Forgotten ◽  
The Eu

This chapter provides an analysis of the data protection rules in EU law, focusing on the constitutional and legal developments after the entry into force of the Lisbon Treaty. It examines the jurisprudence of the Court of Justice of the EU on data protection issues, including the recent decisions of the Court on metadata retention and the new right to be forgotten. It concludes with a critical comment on the possibilities and limitations of the EU to provide for effective and comprehensive data protection.

5. The legal framework

2021 ◽  
pp. 48-54
Author(s):  
Ariel Ezrachi
Keyword(s):  
Mergers And Acquisitions ◽  
Competition Law ◽  
Legal Framework ◽  
Monopoly Power ◽  
Antitrust Law ◽  
Eu Member States ◽  
Eu Competition Law ◽  
The Us ◽  
Restraint Of Trade ◽  
The Eu

‘The legal framework’ outlines the key competition provisions currently in the US and EU. Like in most other jurisdictions, EU and US laws include competition provisions that are used to address antitrust violations such as anti-competitive agreements or abuse of monopoly power. They also include laws dealing with proposed mergers and acquisitions. The US Antitrust Law prohibits contracts and agreements between two or more individuals or entities in restraint of trade or commerce. Meanwhile, EU competition law prohibits agreements between ‘undertakings’ that have, as their object or effect, the prevention, restriction, or distortion of competition, and affect trade between the EU member states.

Europe’s Cosmopolitan Union

2021 ◽  
pp. 204-226
Author(s):  
Bertjan Wolthuis ◽  
Luigi Corrias
Keyword(s):  
Public Law ◽  
Internal Market ◽  
The Other ◽  
Refugee Crisis ◽  
Eu Law ◽  
Eu Member States ◽  
Cosmopolitan Law ◽  
Migration Law ◽  
Legal Condition ◽  
The Eu

The chapter provides a Kantian reading of EU internal market law and the refugee crisis of 2015. The chapter argues that the EU should be viewed as a cosmopolitan union. The authors ask whether EU law, understood as positive cosmopolitan law, can be qualified as an extension of the legal condition, and whether it can be viewed as consistent with the other two parts of public law, especially with the freedom of EU member states which also depend on the possible connection to global, much less extensive, systems of positive cosmopolitan law such as migration law.

Higher Education, Equal Access, and Residence Conditions: Does EU Law Allow Member States to Charge Higher Fees to Students Not Previously Resident?

2005 ◽  
Vol 12 (3) ◽  
pp. 227-240 ◽  
Author(s):  
Gareth Davies
Keyword(s):  
Higher Education ◽  
Case Law ◽  
Social Effects ◽  
Eu Law ◽  
Financial Benefit ◽  
Member States ◽  
Policy Issues ◽  
Eu Member States ◽  
Law And Policy ◽  
The Eu

This article looks at the law and policy issues surrounding the practice of charging uniform fees for higher education to home students and students coming from other EU Member States. It begins with the observation that within the EU such fees are heavily subsidised by governments and therefore amount to a financial benefit (or a disguised grant) to students. In the light of this, this article suggests that restricting that subsidy to students resident prior to their studies would be not only compatible with recent case law on non-discrimination but would also fit better with the underlying logic of free movement, which denies any right to benefits for non-economic recent migrants. Secondly, it looks at the policy, and finds that while equal fees have a number of very positive social effects, they also carry moral and economic risks. A better approach, less distorting of the market for higher education and more consistent with the wider EU approach to welfare migration, might be to require exportability of subsidies from the student's state of origin.

scholarly journals La proteccion de datos personales en la más reciente jurisprudencia del TJUE: los derechos de la CDFUE como parámetro de validez del derecho europeo, y su impacto en la relación transatlántica UE-EEUU

2017 ◽  
pp. 557
Author(s):  
Juan Fernando López Aguilar
Keyword(s):  
Data Protection ◽  
Fundamental Rights ◽  
European Law ◽  
Legal Doctrine ◽  
Digital Rights ◽  
Eu Legislation ◽  
Safe Harbour ◽  
The Us ◽  
The Impact ◽  
The Eu

Desde los primeros capítulos de la construcción europea con el Tratado de Roma (1957) que cumple 60 años, la jurisprudencia dictada por el Tribunal de Justicia ha sido determinante para la dimensión constitucional del ordenamiento comunitario. En una secuencia de decisiones históricas, el TJ ha afirmado su primacía, eficacia vinculante y su unidad garantizando su interpretación y aplicación uniforme, pero también, sobre todo, los derechos fundamentales dimanantes de las tradiciones constitucionales comunes como fuente del Derecho europeo (principios generales). Esta doctrina se consolida en Derecho positivo, al fin, con la entrada en vigor del Tratado de Lisboa (TL) en 2009, incorporando el TUE, el TFUE, y, relevantemente, la Carta de Derechos Fundamentales de la UE (CDFUE) con el «mismo valor jurídico que los Tratados» y, consiguientemente, parámetro de validez de todo el Derecho derivado, así como de enjuiciamiento de la compatibilidad de la legislación de los EE.MM con el Derecho europeo.La doctrina del TJUE sobre derechos fundamentales ha sido su proyección sobre la protección de datos en el marco de los derechos a la vida privada, a la privacidad frente a la transferencia electrónica de datos y al acceso a la tutela judicial de estos derechos (art. 7, 8 y 47 CDFUE). En ella conjuga los principios de reserva de ley (respetando su contenido esencial) y de proporcionalidad y necesidad de las medidas que les afecten. Pero, además, esta doctrina ha adquirido un impacto decisivo en la articulación jurídica de la relación transatlántica entre la UE y EEUU, confrontando los estándares de protección de datos a ambos lados del Atlántico e imponiendo garantías de un «nivel de protección adecuado» para los ciudadanos europeos. Este artículo examina el impacto de dos recientes sentencias relevantes del TJ —Asunto Digital Rights Ireland (2014) y Asunto Schrems (2015)— sobre el Derecho derivado (Directiva de Conservación de Datos de 2006, Directiva de Protección de Datos de 1995, y Decisión de «adecuación» de la Comisión Europea de 2000) y sobre instrumentos de Derecho internacional (Acuerdo Safe Harbour) entre la UE y EEUU. Impone, como consecuencia, no sólo una negociación que repare las deficiencias detectadas en ambas resoluciones sino una actualización del Derecho europeo (nuevo Data Protection Package en 2016) y una novedosa Ley federal de EEUU que por primera vez ofrece a los ciudadanos europeos acceso al sistema de recursos judiciales ante los tribunales estadounidenses en la defensa del derecho a la protección de datos (Judicial Redress Act, 2016).Right from the first very chapters of the European construction under the Treaty of Rome (1957), which turns 60 this year 2017, the jurisprudence by the Court of Justice has truly been decisive to shape the constitutional dimension of the European Community legal order. In a series of historical decisions, the CJEU has affirmed its primacy, its binding efficacy and unity, while guaranteeing its uniform interpretation and implementation. But it has also, above all, enshrined the fundamental rights resulting from the common constitutional traditions as a source of European Law (i.e general principles). This legal doctrine has been ultimately consolidated in positive Law, finally, with the entry into force of the Treaty of Lisbon (TL) in 2009, incorporating the TEU, the TFEU and, most notably, the Charter of Fundamental Rights of the EU (CFREU) with the «same legal value as the Treaties». Charter Fundamental Rights have turned to be, consequently, a parameter for examining the validity of secondary EU legislation, as well as for scrutinizing and reviewing the standard of compatibility of the national legislation of EU Member States with European law. The legal doctrine of the ECJ on fundamental rights has been particularly relevant in its impact on the data protection in the framework of the rights to privacy, privacy with regard to the electronic data transfer, and access to judicial protection of these rights (art. 7, 8 and 47 CFREU). It combines the principles of reservation of law (in due respect of its essential content) as well as proportionality and necessity for legislative measures that might affect them. But, moreover, this doctrine has had a decisive impact on the legal articulation of the so-called transatlantic partnership between the EU and the US, confronting data protection standards on both sides of the Atlantic and imposing guarantees of an «adequate level of protection» for all European citizens. This paper explores the impact of two recent relevant decisions by the ECJ — its rulings on Digital Rights Ireland case (2014) and on the Schrems case (2015) — upon the secondary EU legislation (Data Retention Directive of 2006, Data Protection Directive of 1995, and the «adequacy» Decision of the European Commission of 2000), as well as upon International Law instruments (Safe Harbour Agreement) between the EU and the US. It imposes, as a consequence, not only a negotiation that remedies the shortcomings detected in both decisions, but also a compelling updating of European law itself (new Data Protection Package in 2016) and a new US federal law, which, for the first time ever, provides European citizens with access to judicial remedies in U.S. Courts in defending their right to data protection (Judicial Redress Act, 2016).

scholarly journals Google LLC v. Commission nationale de l'informatique et des libertés (CNIL)

2020 ◽  
Vol 114 (2) ◽  
pp. 261-267
Author(s):  
Monika Zalnieriute
Keyword(s):  
Search Engine ◽  
Data Privacy ◽  
Freedom Of Information ◽  
Eu Law ◽  
The European Union ◽  
National Data ◽  
Eu Member States ◽  
Court Of Justice ◽  
The Right ◽  
The Eu

In Google LLC v. Commission nationale de l'informatique et des libertés (CNIL), the Court of Justice of the European Union (CJEU or Court) held that the EU law only requires valid “right to be forgotten” de-referencing requests to be carried out by a search engine operator on search engine versions accessible in EU member states, as opposed to all versions of its search engine worldwide. While the ruling has been perceived as a “win” for Google and other interveners, such as Microsoft and the Wikimedia Foundation, who argued against worldwide de-referencing, the Court also made clear that that while the EU law does not currently require worldwide de-referencing, “it also does not prohibit such a practice” (para. 72). As a result, the CJEU found that an order by a national supervisory or judicial authority of an EU member state requiring worldwide de-referencing in accordance with its own national data protection laws would not be inconsistent with EU law where the data subject's right to privacy is adequately balanced against the right to freedom of information. By leaving the door to extraterritorial de-referencing wide open, the CJEU continues to pursue its post-Snowden hard-line stance on data privacy in a manner that is likely to transform the data privacy landscape.

Sign in / Sign up

Export Citation Format

Share Document