Tag archives: ECJ

No surprises in the recent Planet49 European Court of Justice judgment

Data Protection Report - Norton Rose Fulbright

On 1 October 2019, the European Court of Justice (ECJ) delivered its judgement on Case C – 673/17 (the “Planet49” case), which relates to the consent and transparency requirements for the use of cookies and similar technologies. The ECJ largely followed the March 2019 Opinion of Advocate General Szpunar and the judgment is generally consistent with the recent regulatory guidance issued by the UK and French data protection authorities in this area.… Continue Reading

Website operators joint controllers with third-party plugin providers

Norton Rose Fulbright - Data Protection Report blog

On 29 July 2019, the European Court of Justice (ECJ) issued its judgement on Case C-40/17 (the “Fashion-ID” case). In its ruling, the ECJ held that operators of websites embedding Facebook’s “Like” button act as data controllers jointly with Facebook in respect of the collection and transmission to Facebook of the personal data of visitors to the relevant websites. In relation to these processing activities, the website operators must inform their website visitors about the data processing activities for which they act as a joint controller with Facebook, must establish a lawful basis for these processing activities and, where applicable, … Continue Reading

Reports suggest US-EU agreement on cross-border data transfers near, but will it stick?

Data Protection Report - Norton Rose Fulbright

It is being reported that the EU and the US have reached an agreement in principle on the revised cross-border data transfer framework, commonly referred to as Safe Harbor 2.0. Both sides expect further progress on the specifics in November of this year. Some of the thornier issues, however,regarding US surveillance activities, that are critical to addressing the concerns the ECJ raised in Schrems, are yet to be firmed up with verifiable compliance commitments.… Continue Reading

WP29 Issues Post-Safe Harbor Guidance

Data Protection Report - Norton Rose Fulbright

The following is the statement of WP29 on the Schrems decision.  It is a short opinion that we replicated here in full.  We note that WP29 appears to suggest that model clauses and BCRs remain viable through at least January 2016, which is when WP29 would like to see the US and EU agree to a legal, political and technical solution on data transfers.  The opinion suggests coordinated enforcement by DPAs after January 2016, but it is unclear whether such enforcement will focus on Safe Harbor-certified companies alone, or will also undermine model clauses and BCRs.  We are continuing to … Continue Reading

Schrems: Commission holds press conference on ECJ ruling invalidating the Commission’s Safe Harbor Decision

Data Protection Report - Norton Rose Fulbright

As discussed in our post earlier, in today’s ruling on Case C-362/14 (the so-called “Schrems” case), the European Court of Justice (ECJ) invalidated the EU Commission’s “US Safe Harbor” decision with immediate effect. In the meantime, the EU Commission held a press conference discussing the impact of the judgement.… Continue Reading

Day-after-Safe Harbor action plan: anticipating ECJ Schrems decision

Data Protection Report - Norton Rose Fulbright

As we have written extensively, the European Court of Justice’s (ECJ’s) ruling in the Schrems case on October 6, 2015 may effectively invalidate the US-EU Safe Harbor framework. While we believe that the Advocate General’s rationale for the proposal is weak, organizations that rely on the Safe Harbor are anxious about the consequences such a decision could have on their operations, and want to make appropriate mitigation plans.… Continue Reading

LexBlog