Federal Administrative Court asks ECJ: Who is responsible for data processing on Facebook Fanpages?

With its decision from 25. Februrary 2016, the German Federal Administrative Court referred several interesting data protection questions related to the operation of a Fanpage on Facebook to the European Court of Justice (ECJ) (the whole decision can be accessed here, in German). The case number at the ECJ is C-210/16. Since there does until now not exist an English version of the reference for a preliminary ruling, you will find beneath a rough translation of some of the questions referred.
Continue reading

Adblocker detection scripts vs. Article 5 (3) of the ePrivacy Directive: A German law take

It appears that we may be about to experience a new phase in the life of Article 5 (3) of the ePrivacy Directive as amended in 2009, as brief as it may possibly be as a result of the coming Regulation and the revisions that the ePrivacy Directive may be subject to in its wake.

Twitter privacy activist Alexander Hanff has been able to create considerable attention (such as here and here) for his position that client side scripts used by publishers in order to detect AdBlockers used by their (would-be) readers are in conflict with said Article, posting on Twitter a letter from the Günther Oettinger’s team in the EU Commission that, as per him, confirms his position.

https://twitter.com/alexanderhanff/status/722861362607747072

Aside from the slightly amusing twist that the Commission, in making reference in the same letter to add-ons or plug-ins expressing a user’s preference regarding, for example, whether or not he or she does or does not accept the storage of information on his/her “terminal equipment”, appears to overlook that adblockers have to be detected first before they can be “respected” as conveying a preference, we shall have a brief look at how things would play out under German law, as it is in place at this time. Continue reading

Why B2B is not necessarily always B2B when it comes to consumer protection

Online-shops that officially trade as B2B-shops must comply with European consumer protection regulations or make actually sure that only business customers can place orders in the shop. In order to ensure that consumers do not use the shop, it is not sufficient to provide the respective disclaimer on the website. That was recently ruled by the Regional Court in Dortmund.

Continue reading

“Hyperlink does Not Constitute a Copyright Infringement”

Article 3 (1) of Directive 2001/29/EC on the “harmonisation of certain aspects of copyright and related rights in the information society” legally communicating copyrighted works to the public depends on the copyright holders authorization.

Continue reading

German DPAs „leak“ EU-US Privacy Shield assessment by European Authorities

On 6th and 7th April 2016, the German Data Protection Authorities (“DPAs”) met to discuss several current privacy topics.

One point on the agenda has of course been the assessment of the proposed EU-US Privacy Shield (the successor of the Safe Harbor regime). Currently, the European Data Protection Authorities (the so called “Article 29 Working Party”) are finalizing their common position on the proposed adequacy decision by the European Commission (pdf).

Today, the resolution of the DPAs for the mandate of the German representatives in the Article 29 Working Party has been published (German, pdf).
Continue reading