Case Law Data Privacy

Corte di Giustizia UE: Casi C‑203/15 e C‑698/15 – Tele2 – E’ vietata la conservazione massiva, generalizzata e indifferenziata dei dati delle comunicazioni elettroniche

  • Il diritto dell’Unione Europea vieta:

  • a) una normative nazionale la quale preveda, per finalità di lotta contro la criminalità, una conservazione generalizzata e indifferenziata dell’insieme dei dati relativi al traffico e dei dati relativi all’ubicazione di tutti gli abbonati e utenti iscritti riguardante tutti i mezzi di comunicazione elettronica.

  • b) una normativa nazionale, la quale disciplini la protezione e la sicurezza dei dati relativi al traffico e dei dati relativi all’ubicazione, e segnatamente l’accesso delle autorità nazionali competenti ai dati conservati, senza limitare, nell’ambito della lotta contro la criminalità, tale accesso alle sole finalità di lotta contro la criminalità grave, senza sottoporre detto accesso ad un controllo preventivo da parte di un giudice o di un’autorità amministrativa indipendente, e senza esigere che i dati di cui trattasi siano conservati nel territorio dell’Unione.

Posted from Diigo.

Antitrust Case Law Data Privacy

Bundeskartellamt initiates proceeding against Facebook on suspicion of having abused its market power by infringing data protection rules

Posted from Diigo.

Case Law Privacy

ECJ Sets a Crucial Week For Data Protection in Europe

  • “EU law precludes the transfer and processing of personal data between two public administrative bodies without the persons  concerned (data  subjects) having been informed in advance”.

  • “…the Commission was required to find that the United States  in  fact ensures, by reason of its domestic law or its international commitments, a level of protection of fundamental rights essentially equivalent to that guaranteed within the EU under the directive read in the light of the Charter. The Court observes that the Commission did not make such a finding,  but merely examined the safe harbour scheme [.]   National security, public interest and law enforcement requirements of the United States prevail over the safe harbour scheme, so that United States undertakings are bound to disregard, without limitation, the protective rules laid down by that scheme where they conflict with such requirements. The United States safe harbour scheme
    thus enables  interference, by United  States public  authorities,  with the fundamental rights of persons, and the Commission decision does not refer either to the existence, in the United States, of  rules  intended  to limit any such interference or to  the existence of effective legal protection against the interference…”.

  • “…Weltimmo, a company registered in Slovakia, runs a property dealing website concerning Hungarian properties. Within that context, it processes the personal data of the advertisers  [.]  the Court notes that the presence of only one representative can, in some circumstances, suffice to constitute an establishment if that representative acts with a sufficient degree of stability for the provision of the services concerned in the Member State in question [.]  The  Court states that each supervisory authority established by a Member State must ensure compliance, within the territory of that State, with the provisions adopted by all Member States pursuant to the directive. Consequently, each supervisory authority is to hear claims lodged by any person concerning the protection of his rights and freedoms in regard to the processing of personal data, even if the law applicable to that processing is the law of another Member State”

Posted from Diigo.

Data Pick of the Week

Pick of the week: Hold the Phone: A Big-Data Conundrum –

    • “Correlations are what motivate us to look further. If all that big data does — and it surely does more — is to point out interesting correlations whose fundamental reasons we unpack in other ways, that already has immense value” (Sendhil Mullainathan)

Posted from Diigo.

Data Privacy

Il Parlamento Europeo vota in favore della proposta della Commissione per un nuovo Regolamento Privacy

Il Parlamento dell’Unione Europea, prima di salutarci, approva (con poche modifiche) la proposta della Commissione per un nuovo Regolamento sulla protezione dei dati personali.

Ecco un assaggio dell’art. 1 del Regolamento, quello in cui si fissano gli obiettivi… :

  • 1. This Regulation lays down rules relating to the protection of individuals with regard to the processing of personal data and rules relating to the free movement of personal data.
  • (…)
  • 3. The free movement of personal data within the Union shall neither be restricted nor prohibited for reasons connected with the protection of individuals with regard to the processing of personal data.

Chiaro no?

Ora la parola passa al Consiglio dell’UE, non se ne parla prima dell’estate.


Case Law Privacy Uncategorized

$17 Million Multistate Settlement With Google Over Tracking Of Consumers

Posted from Diigo.


Datagate and Big Data interconnect

Posted from Diigo.

Extra Privacy

Privacy by Contract

“Big data” also means big money. Internet users are the largest data producers, but they are not involved at all in the chain of value stemming from data aggregations and data marketing.

I believe we do not need the government to give us more “data protection” (largely a dead-end street) but that we need the law to fully acknowledge our property rights on our data. A legal framework to allow the people to join and to extract value from their data. The right to trade it collectively. The rising of data agents and data brokers. Privacy by contract rather than privacy by consent.

Please read more about that: here in English (and here in Italian), and have a look to the Cooperative Commons Manifesto and Project.