Posts Tagged Google
GDPR (General Data Protection Regulation) aficionados will have already seen the draft guidelines published by the EDPB – the European data protection board – on the territorial scope of the Regulation.
Of particular interest to conflicts lawyers is the Heading on the application of the ‘targeting’ criterion of GDPR’s Article 3(2). There are clear overlaps here between Brussels I, Rome I, and the GDPR and indeed the EDPB refers to relevant case-law in the ‘directed at’ criterion in Brussels and Rome.
(Handbook of) EU Private International Law, 2nd ed. 2016, Chapter 2, Heading 22.214.171.124.3, Heading 126.96.36.199.5.
I have an ever-updated post on Google’s efforts to pinpoint the exact territorial dimension of the EU’s data protection regime, GDPR etc. Now, Facebook are reportedly (see also here) appealing a fine imposed by the UK’s data protection authority in the wake of the Cambridge Analytica scandal. Facebook’s point at least as reported is that the breach did not impact UK users.
The issue I am sure exposes Facebook in the immediate term to PR challenges. However in the longer term it highlights the need to clarify the proper territorial reach of both data protection laws and their enforcement.
One to look out for.
Many thanks to Julien Juret for asking me contribute to l’Observateur de Bruxelles, the review of the French Bar representation in Brussels (la Délégation des barreaux de France). I wrote this piece on the rather problematic implications of the GDPR, the General Data Protection Regulation, on jurisdictional grounds for invasion of privacy.
I conclude that the Commission’s introduction of Article 79 GDPR without much debate or justification, will lead to a patchwork of fora for infringement of personality rights. Not only will it take a while to settle the many complex issues which arise in their precise application. Their very existence arguably will distract from harmonised compliance of the GDPR rules.
I owe Julien and his colleagues the French translation (as well as their patience in my late delivery) for I wrote the piece initially in English. Readers who would like to receive a copy of that EN original, please just send me an e-mail. (Or try here, which if it works should have both the FR and the EN version).
(Handbook of) EU Private International Law, 2nd ed. 2016, Chapter 2, Heading 188.8.131.52.5.
Of interest to data protection lawyers is Warby J’s excellent review of the test to be applied (particularly within the common law context of misuse of private information). Of interest to readers of this blog, is what is not yet part of the High Court’s ruling: the precise wording of the delisting order. Particularly: defendant is Google LLC, a US-based company. Will the eventual delisting order in the one case in which it was granted, include worldwide wording? For our discussion of relevant case-law worldwide, see here.