Belgian Court of Appeal asks for GDPR guidance in Facebook case

  • The Belgian Court of Appeal has asked the European Court of Justice for help interpreting the application of the GDPR's 'one stop shop'.
  • The case will have important implications for all multi-national companies who have chosen a lead supervisory authority in Europe for GDPR purposes.
  • The results of the case will either open or close the doors for regulators across Europe to cast aside the one stop shop when looking to enforce GDPR compliance in their home jurisdiction.
Read more

A royal curveball – using the GDPR in privacy disputes

You don't expect to see Prince Harry and the GDPR in the same sentence, but it was reported this week that the Duke of Sussex has settled High Court claims against the paparazzi agency Splash News (Splash), in a case which was based partly on breaches of the GDPR.The Duke of Sussex brought claims against Splash in relation to photographs taken of a house that he was renting. Whilst details of the relevant legal arguments have not been released, Splash's apology statement noted that "[t]his matter concerns a claim for misuse of private information, breaches of The Duke's right to privacy under Article 8 ECHR and breaches of the General Data Protection Regulation and Data Protection Act 2018." Read more

The next step in the battle for data? EU Commission opens formal investigation into Ireland’s insurance market

On 14 May 2019, the EU Commission (“the Commission”) announced that it has opened a formal antitrust investigation into Insurance Ireland, an association of insurance companies active in Ireland (“Investigation”). The association administers a database (Insurance Link), to which its member companies contribute insurance claims data on an ongoing basis. Insurance Ireland makes this database … Read more

Driving Data Compliance

Connected autonomous vehicles (CAVs) are increasingly capable of creating, collecting and processing a wealth of data. However, in order for vehicle manufacturers and CAV stakeholders to access and extract the value in such data, they must do so lawfully. This is especially true in relation to personal data which is governed in the EU (and beyond) by the General Data Protection Regulation (GDPR). This post explores at a high level how CAV stakeholders can ensure compliance with the GDPR, particularly in relation to CAVs which process personal data of vehicle drivers, owners and pedestrians. Read more