Category: Privacy

Dearer to us than a host of truths is an exalting illusion? EU Data Transfer Regulation after Schrems

| No Comments
| ECJ, GDPR, PowerPoint, Privacy

Kuner & FennellyMy favourite Steve Jobs aphorism (and there are so many from which to choose) is

People who know what they’re talking about don’t need PowerPoint.

(see Steve Jobs by Walter Isaacson (Simon and Schuster, 2011) 337). Last Thursday, Chris Kuner elevated this from apothegm to axiom, resoundingly proving the truth of that insight, by providing a masterclass in compelling presentation without resort to the crutch of powerpoint or similar slides. Chris is pictured above left, chatting with David Fennelly, before delivering a powerful lecture on “Reality and Illusion in EU Data Transfer Regulation” in the light of the decision of the Court of Justice of the European Union in Case C-362/14 Schrems v Data Protection Commissioner [2015] ECR I-nyr (Grand Chamber, 6 October 2015) to a rapt audience in Trinity College Dublin. He began with a quote from Chekov:

Dearer to us than a host of truths is an exalting illusion.

This is from Chekov’s short story “Gooseberries” (see Richard Pevear and Larissa Volokhonsky (tr) Selected Stories of Anton Chekov (Random House, 2009) 311 at 317), where the Nikolai is deluding himself that his gooseberries – actually “hard and sour” – are in fact the succulent and luscious fruit which he had always dreamed of growing.…

Read More »

Reality and Illusion in EU Data Transfer Regulation post-Schrems

| 1 Comment
| Conferences, Lectures, Papers and Workshops, Cyberlaw, Digital Rights, Privacy

Crhis KunerOn the first anniversary of the judgment of the Court of Justice of the European Union in Case C-362/14 Schrems, Professor Christopher Kuner (pictured left), Professor of Law at the Vrije Universiteit Brussels, will give a public lecture on

Reality and Illusion in EU Data Transfer Regulation post-Schrems

The lecture will be held in the Neill Theatre, Trinity Long Room Hub, Trinity College Dublin, on Thursday 6 October 2016, at 1:00pm.

In Case C-362/14 Schrems v Data Protection Commissioner [2015] ECR I-nyr (Grand Chamber, 6 October 2015), the Court of Justice of the European Union invalidated the EU-US Safe Harbour arrangement allowing personal data to be transferred to the US. The judgment is a landmark in the Court’s data protection case law, and illustrates the tension between the high level of legal protection for data transfers in EU law and the illusion of protection in practice. The judgment has undermined the logical consistency of the other legal bases for data transfer besides the Safe Harbour, and reactions to it have largely been based on formalism or data localization measures that are unlikely to provide real protection. Schrems also illustrates how many legal disagreements concerning data transfers are essentially political arguments in disguise.…

Read More »

Some forthcoming legislation on the administration of justice, cybercrime, education, intellectual property, and privacy

| 4 Comments
| Blasphemy, Copyright, Cyberlaw, Digital Rights, ECJ, Intellectual property, Judicial Appointments, Legal Education, Privacy, Universities

Government Chief Whip Regina Doherty has announced the Government’s Legislation Programme for the Autumn Session 2016 (pdf). It is a considerable update of the programme published last June (pdf) when the government came into office.

The June programme had the feel of a holding document, published to get a new government to the Summer Recess. This programme has a far more substantial feel about, published to demonstrate the government’s confidence in its capacity to promote and enact legislation.

After the publication of the June programme, I examined proposed legislation from the Department of Education and Skills (here; and see also here), the Department of Jobs, Enterprise and Innovation (here; and see also here and here), and the Department of Justice and Equality (here and here). Under those headings, very little has changed. But there are some notable additions, not least of which is the Interception of Postal Packets and Telecommunications Messages (Regulation) (Amendment) Bill. All we are told is that work is underway on a Bill to “amend various pieces of legislation in respect of electronic communications”. There is no further explanation. This is probably the Bill to provide for further covert surveillance of electronic communications promised by the Minister earlier this Summer.…

Read More »

Privacy in the Digital Age – Is it Time for a New Paradigm?

| 1 Comment
| Conferences, Lectures, Papers and Workshops, Privacy

AdaptThere will be a discussion of

Privacy in the Digital Age – Is it Time for a New Paradigm?

in the Trinity Long Room Hub, next Wednesday, 13 July 2016, from 3:00pm to 5:00pm.

The speakers will be Dr Jyn Schultze-Melling (Director for Privacy Policy, Europe, Facebook) and Dr TJ McIntyre (Lecturer in Law, UCD; Chairman, Digital Rights Ireland). They will speak for no more than 30mins each; and there will be plenty of time for discussion. The event will be chaired by Joan Mulvihill (CEO, Irish Internet Association). …

Read More »

Damages for infringement of data protection rights

| 8 Comments
| GDPR, Privacy

ICEL and RIA logos, via their websitesAt the Irish Centre for European Law’s Privacy and Data Protection Conference today (programme pdf) in the Royal Irish Academy, many interesting themes were explored. I want in this post to pick up on one of them, relating to damages for infringement of data protection rights.

At present, the matter is governed by Article 23 of the Data Protection Directive (Directive 95/46/EC) [DPD], which provides

Member States shall provide that any person who has suffered damage as a result of an unlawful processing operation or of any act incompatible with the national provisions adopted pursuant to this Directive is entitled to receive compensation from the controller for the damage suffered.

On the one hand, this has been implemented in Ireland by section 7 of the Data Protection Act, 1988 [DPA] (also here), which provides that

For the purposes of the law of torts and to the extent that that law does not so provide, a person, being a data controller or a data processor, shall, so far as regards the collection by him of personal data or information intended for inclusion in such data or his dealing with such data, owe a duty of care to the data subject concerned …

In Collins v FBD Insurance plc [2013] IEHC 137 (14 March 2013) (noted here) [3.6] Feeney J held that section 7 required that plaintiffs “prove that they have, in fact, suffered damage arising from a breach”.…

Read More »

Workplace surveillance, conditions of employment, and privacy

| No Comments
| Contract, Privacy

Surveillance widgets, by Chris Slane

The Hawthorne effect is alive and well, and living in the interstices between private law and privacy law. In particular, I recently saw the following clause in a contract (the names have been changed to protect the innocent, the guilty, bystanders, and anyone else involved ):

WORKPLACE SURVEILLANCE
The employer’s workplaces are subject to overt workplace surveillance. You agree that you consent to this surveillance which is primarily to ensure the safety and security of the employer’s workplaces and the appropriate use of the employer’s resources. The overt surveillance is in the form of computer, internet usage and camera surveillance and is of an ongoing and continuous nature, in accordance with the employer’s relevant policies as amended from time to time.

This surveillance is carried out by all means available to the employer, which may include accessing your email account; accessing your files; accessing your computer or other electronic devices and recording internet usage by you including remote access internet usage and accessing those records.

The Citizens Information website has a lot of information on the legitimate scope of surveillance in the workplace, and the Data Protection Commissioner has issued Guidance Notes on the Monitoring of Staff, which emphasises that

monitoring, including employees’ email or internet usage, surveillance by camera, video cameras or location data must comply with the transparency requirements of data protection law.

Read More »

From Ken Liu’s perfect match, via dysaguria, to Privacy Paradigm

| 4 Comments
| Dysaguria, GDPR, Privacy

I have commented on this blog in the past how much I love libraries (eg here | here | here | here). I walk to my local library regularly to borrow books. Quite often, I will borrow recent arrivals by authors unknown to me. It’s pot luck, and I take the rough with the smooth; sometimes I unearth a diamond, and it makes it all worthwhile. Last week, I borrowed Ken Liu The Paper Menagerie and other stories (Head of Zeus, 2106 | Amazon). As its title suggests, it is a book of short stories; and, en route to the International Association of Privacy Professionals conference in London later in the week, I read some of them. The title story is the first work of fiction to win all three of SF’s major awards: the Hugo, the Nebula and the World Fantasy Award; it is a magical and profound mediation on books and love, you can read it here; and, in fact, you should!

Other than the title story, another, in particular, piqued my interest. Entitled “The Perfect Match”, it concerned a ubiquitous social media company called Centillion, whose motto is “make things better”, and whose modus operandi is to acquire as much information about people as possible, the better to provide the most appropriate personalized information and advice to its users.…

Read More »

Freeze-frame-and-shame? Or should even the Devil have the benefit of data protection laws?

| 2 Comments
| Privacy

LAW, mosaic by Dielman, via WikipediaIn this morning’s Irish Times, I read that Dublin City Council are to press ahead with their policy of posting freeze-frame CCTV images of people dumping their rubbish in litter black-spots, in the hope of shaming them or others into desisting from doing so in the future (a policy I have dubbed in the title of this post “freeze-frame-and-shame”):

The council’s head of waste management, Declan Wallace, said illegal dumpers were “just bad citizens” and he saw no difficulty in exposing them.

Recognisable images captured by CCTV systems are “personal data”, subject to the provisions of the Data Protection Acts. Consequently, the Data Protection Commissioner contacted the Council over its first use of such CCTV images a fortnight ago; but the Council replied that it is confident that it is acting within the data protection legislation; and it has obviously decided to continue with its policy to “freeze-frame-and-shame” “bad citizens”.

Whenever I hear the argument put forward (either overtly or by implication) that bad guys really don’t deserve the benefit of the laws (whether the bad guys are “enemy combatants” in Guantanamo Bay or “bad citizens” fly-tipping in Dublin), I am reminded of a great scene in Robert Bolt’s A Man for All Seasons, a play and movie about the rise and fall of Sir Thomas More in the court of Henry VIII.…

Read More »

© cearta.ie 2025. Powered by WordPress