An Active Europe: Driving the Data Protection Conversation
Today, Europe is increasingly being seen as driving the conversation on privacy protections in the age of technology. The CJEU is a particularly vocal participant in this conversation: from 2000 to 2015, the CJEU has decided thirty-one (31) decisions related to data protection, often defining the individual’s right to privacy contra government and commercial entities. See Laudit, Laraine, “Summaries of EU Court Decisions Relating to Data Protection 2000 - 2015,” Jan. 28, 2016, available here. And, the CJEU is not the only court in Europe to be focused on data protection: currently pending at the Irish High Court is “Data Protection Commissioner v. Facebook Ireland Limited & Maximilian Schrems,” 2016/4809P, a case focusing on the transfer of data from the EU to the US. [Check back for a future post on this case.]
It is not just the courts that are part of this conversation: the Commission is also weighing in. More than a month ago, on May 18, 2017, the Commission fined Facebook €110 million for providing misleading information regarding its acquisition of WhatsApp. Contrary to Facebook’s representation in 2014 that it did not have the capability to match Facebook users with WhatsApp users, it was technically possible -- in 2014 -- to match user identities. Access to the Commission’s Press Release can be found here. The Commission’s role in providing consumers with transparency is helping to reinforce and enhance the data protections of individuals.
Finally, with the adoption of the General Data Protection Regulation, Europe is poised to completely change the relationship between an individual’s privacy and the ability of commercial entities to utilize an individual’s information. The emphasis that this regulation places on transparency and individual privacy protections will change the narrative between individuals and companies: even after obtaining consent, the individual still has the ultimate control of her data.
Regardless of where you are located, Europe is the place to watch when it comes to data privacy. The whole of the European Union is invested in protecting individual privacy -- and ultimately driving the conversation of how companies should be approaching this issue within their businesses.
* * * * *
Nothing contained in this blog should be construed as creating an attorney-client relationship or providing legal advice of any kind. If you have a legal issue regarding cybersecurity, domestic or international data privacy, or electronic discovery, you should consult a licensed attorney in your jurisdiction.