ARTICLE

Consent to privacy policy – invalid

Many websites are asking their customers to consent to their privacy policy in the following way: “By using this website you are consenting to our privacy policy“. Usually without confirming the on a “ok-button“ the user may not be able…

Posted in Article | Tagged , , , , , , | Leave a comment

There Shall be Order! A Proposal for More Structured Normativity on the Internet

by Matthias C. Kettemann Can you recall a time before the Internet? When you read newspapers, called your friends on the landline and watched what the TV offered. Like everyone else? Things have changed considerably in this age of instant…

Posted in Article | Tagged , , , | Leave a comment

The “one for all lawsuit”

by Dr Katarina Barley – Federal Minister of Justice and Consumer Protection – Germany A faster, better and cheaper way of enforcing consumer rights Until recently, many consumers who had purchased a manipulated diesel car probably thought: “How is it…

Posted in Article | Tagged , , , , , | Leave a comment

Joint Controllership within a group of entities*

by Jutta-Sonja Oberlin and Lukas Lezzi 1 Introduction It is crucial for compliance of intra-group[1] data processing activities under the GDPR (General Data Protection Regulation)[2] to answer the question as to whether such cooperation in data processing constitutes order processing…

Posted in Article | Tagged , , , , , , | Leave a comment

Microsoft is driving its customers into non-compliance

Microsoft is secretly transferring data of user’s behaviour to the US for its own purpose. With this misuse of data Microsoft is driving its customers into non-compliance since the data transfer to Microsoft is lacking a legal basis. In addition,…

Posted in Article | Tagged , , , , , , | Leave a comment

Threat of fines also applies to public-sector undertakings

by Lana Dachlauer-Baron The General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (FDPA) have come into force since 25 May 2018. In the meantime, all German federal states have also adapted their data protection acts (LDSG)…

Posted in Article | Tagged , , , , , | Leave a comment

Facebook-hack: stress test for Irish DPA

Facebook has reported a hack of 3 million European users personal data to the Irish DPA.[1] The Irish DPA is under pressure to answer to the key question of GDPR: do national DPAs have the power to force multinationals like…

Posted in Article | Tagged , , , , , , | Leave a comment

Cookies consent

Most websites are asking their users to consent to cookies with the following wording: “By continuing to use our site, you accept our use of cookies.” With GDPR the question arises, whether this kind of consent is still compliant. 1.…

Posted in Article | Tagged , , , , | Leave a comment

ECHR: Mass surveillance by British secret service violated European Convention on Human Rights

by Peter Schaar On 13 September 2018, the European Court of Human Rights (ECHR) in Strasbourg ruled that the mass surveillance of the British intelligence service GCHQ (Government Communications Headquarters) carried out in cooperation with the US National Security Agency…

Posted in Article | Tagged , , , , , , | Leave a comment

IT maintenance is ‘data processing on behalf’ according to German DPAs

With the application of the GDPR the question how to qualify IT maintenance in terms of data protection arises. This aspect is of great relevance while any software contains personal data. E.g. Microsoft, Oracle and SAP process personal data of…

Posted in Article | Tagged , , , , , , , | Leave a comment