Case Law Privacy

ECJ Sets a Crucial Week For Data Protection in Europe

  • “EU law precludes the transfer and processing of personal data between two public administrative bodies without the persons  concerned (data  subjects) having been informed in advance”.

  • “…the Commission was required to find that the United States  in  fact ensures, by reason of its domestic law or its international commitments, a level of protection of fundamental rights essentially equivalent to that guaranteed within the EU under the directive read in the light of the Charter. The Court observes that the Commission did not make such a finding,  but merely examined the safe harbour scheme [.]   National security, public interest and law enforcement requirements of the United States prevail over the safe harbour scheme, so that United States undertakings are bound to disregard, without limitation, the protective rules laid down by that scheme where they conflict with such requirements. The United States safe harbour scheme
    thus enables  interference, by United  States public  authorities,  with the fundamental rights of persons, and the Commission decision does not refer either to the existence, in the United States, of  rules  intended  to limit any such interference or to  the existence of effective legal protection against the interference…”.

  • “…Weltimmo, a company registered in Slovakia, runs a property dealing website concerning Hungarian properties. Within that context, it processes the personal data of the advertisers  [.]  the Court notes that the presence of only one representative can, in some circumstances, suffice to constitute an establishment if that representative acts with a sufficient degree of stability for the provision of the services concerned in the Member State in question [.]  The  Court states that each supervisory authority established by a Member State must ensure compliance, within the territory of that State, with the provisions adopted by all Member States pursuant to the directive. Consequently, each supervisory authority is to hear claims lodged by any person concerning the protection of his rights and freedoms in regard to the processing of personal data, even if the law applicable to that processing is the law of another Member State”

Posted from Diigo.