Your SlideShare is downloading. ×
GAMAByte: Update: Data Privacy in the EU - December 2013
GAMAByte: Update: Data Privacy in the EU - December 2013
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

GAMAByte: Update: Data Privacy in the EU - December 2013

130

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
130
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. GAMAByte: Update: Data Privacy in the EU - December 2013 One-­‐Stop-­‐Shop  Rule  Brings  Proposed  Data  Protec8on  Regula8on  to  a  Stands8ll The EU Data Protection Regulation hit a road bump last week when European lawmakers failed to come to an agreement on a controversial provision of the proposed legislation. At issue was the “one-stop-shop” rule, which would permit multinational companies to deal only with the data protection authority (“DPA”) of the EU Member State where the company was established rather than answer to the DPAs of each of the 28 EU Members. While the provision would make complying with the new rules significantly less burdensome for multinational companies, opponents argue that the provision undermines citizens’ privacy rights. EU citizens could file a privacy complaint in their home country, but that country’s DPA would have to refer the case to DPA of the country where the company was located. Opponents fear that the inability of EU citizens to take companies to court in their home countries would discourage citizens from filing complaints. Further, there is concern that multinational companies would begin “forum shopping,” or establishing themselves in countries with the weakest DPAs to skirt stringent privacy obligations. Disagreements over the one-stop-shop rule suggest that the proposed Regulation will not be passed by the European Parliament’s initial goal of May 2014. In the meantime, multinational companies must continue to contend with the 28 unique privacy frameworks of each Member State. Advocate  General  Claims  Current  Data  Reten8on  Direc8ve  Violates  Privacy  Rights Days after the one-stop-shop setback, the EU’s current data retention directive made headlines when Advocate General of the EU Court of Justice, Pedro Cruz Villalón, voiced his opinion that the directive “constitutes a serious interference with the fundamental right of citizens to privacy.” Cruz Villalón’s statement refers to an EU law requiring telecommunications providers to retain customer data for up to two years. The law was adopted in 2006, following the bombings in the London underground and on trains in Madrid, to aid law enforcement’s investigations into serious crimes. Cruz Villalón states that the use of such telecommunications data makes it possible to create “a complete and accurate picture” of an individual’s private life, encroaching on one’s fundamental right to privacy. He voices further concern that the data could be used for unlawful, or even fraudulent or malicious, purposes. Cruz Villalón would have the directive amended to include specific controls around access to the collected data and limits on how the data is used. He would also change the maximum time that law enforcement could force telecommunications companies to hold onto the data to less than one year. The data retention directive is currently being challenged before the European Court of Justice in two cases, one brought by Digital Rights Ireland against the Irish government, the other involving Austrian digital rights group, AKVorrat. As is usual, Cruz Villalón’s opinion comes before the court makes it ruling. While the opinion of the Advocate General is not binding, the court generally adopts such viewpoints. For  more  informa+on  or  guidance  on  complying  with  EU  laws  or  just  to  chat,   contact  Chris+na  Gagnier  at  gagnier@gamallp.com.   A  GAMA  Byte  produced  by  Emily  Poole                                                                                                                                            ©  2013.  Gagnier  Margossian  LLP.    All  rights  reserved.  
  • 2. Internet Intellectual Property Privacy Social Media Technology The Good Stuff #nerdlawyers Los Angeles Sacramento T: 415.766.4591 F: 909.972.1639 E: consult@gamallp.com gamallp.com @gamallp San Francisco

×