Privacy International Publishes Its Analysis On the European Commission’s Proposal for a Data Protection Directive in the Law Enforcement Sector.
On 25 January 2012 the European Commission proposed a uniform legal framework for providing legal certainty on data protection.
The European Court of Justice held on October 16, 2012 that Austria’s data protection authority is not sufficiently independent, and therefore fails to comply with the requirements of the European data protection directive. This is the second time that the European Court of Justice has found a data protection authority to lack independence.
We have previously reported on the different requests and repeated questionnaires the Commission nationale de l’informatique et des libertés (CNIL) has sent to Google over the past few months regarding the evaluation of Google’s compliance with applicable European Data Protection Regulation
The European Court of Justice Rules That Austria’s Data Protection Authority is Not Sufficiently Independent
On 16 October 2012, the Court of Justice of the European Union (“CJEU”) ruled in favour of the European Commission in its claim against Austria that the Austrian Data Protection Authority, the Datenschutzkommission (“DSK”), was not independent from the Austrian government as required under Article 28 of the EU’s Data Protection Directive.
TechWeek Europe: US Department of Commerce Involved in Lobbying to Change EU Data Protection Regulation
According to TechWeek Europe, the United States Department of Commerce is working with the United States Chamber of Commerce to lobby European Union officials in an effort to change certain provisions of the EU’s proposed General Data Protection Regulation.
EU Regulation: Reding Says Right to Be Forgotten Must Be Balanced; EP Committee Calls for Enhanced Extraterritoriality
In a June 18 speech in Luxembourg, European Commissioner for Justice Viviane Reding discussed the much-maligned proposal for a “right to be forgotten” in the recently proposed EU Data Protection Regulation, admitting that “you cannot enforce an absolute right to be forgotten on the internet.” She stressed that the right to forgotten “like the general right to privacy . . . needs to be reconciled with other rights which are also protected by the EU’s Charter of Fundamental Rights.”
On May 28th, the Commission nationale de l’informatique et des libertés (“CNIL”), the French authority responsible for data privacy, published guidance on breach notification law affecting electronic communications service providers. The guidance was issued with reference to European Directive 2002/58/EC, the e-Privacy Directive, which imposes specific breach notification requirements on electronic communication service providers.