A sign of confidence: The EU Member States have adopted the EU-U.S. Privacy Shield

In short:

The EU Member States have given their support to the EU-U.S. Privacy Shield, a renewed framework for transatlantic data flows which is meant to replace the old “Safe Harbor”.  The decision of the Member States was mandatory in order to formally adopt the Privacy Shield in the EU.

In opposite to Safe Harbor, the Privacy Shield imposes clear and strong obligations on companies handling the date and makes sure that these rules are followed and enforced in practice. It is the first time that the United States has committed to written assurance that the access of public authorities for law enforcement and national security will be subject to clear limitations, safeguards and oversight mechanisms and has ruled out indiscriminate mass surveillance of European citizen’s personal data.

Continue reading

Data flows to the US: Why the EU Model Clauses may soon be no longer state of the art

Not long after the “Safe Harbor” decision and in the same context (data transfer to the US by Facebook) the Irish Data Protection Commissioner has decided to bring the EU-US data flows before the European Court of Justice (CJEU) (again).

Continue reading

No more “Stoererhaftung”?

What was for a long time associated with high liability risks and warning letters from lawyers, will now be made easier by the German government: Free wifi-hotspots.  The German government has decided to modify the so called “Stoererhaftung” – the liability of the operator of a wifi-hotspot for any infringements of law committed through the hotspot. However, even though rumor still has it a few days after the presentation of the draft for the new German Teleservices Act, this does not mean that operators of wifi-hotspots now will not be liable for whatever happens through their hotspot. To speak of a complete abolition of “Stoererhaftung” is a bit too much, at least at the moment.

Continue reading

Why B2B is not necessarily always B2B when it comes to consumer protection

Online-shops that officially trade as B2B-shops must comply with European consumer protection regulations or make actually sure that only business customers can place orders in the shop. In order to ensure that consumers do not use the shop, it is not sufficient to provide the respective disclaimer on the website. That was recently ruled by the Regional Court in Dortmund.

Continue reading

Facebook and the abuse of market power or the German Federal Cartel Office as data protection authority

The German Federal Cartel Office (Bundeskartellamt) has started preliminary proceedings against Facebook in early March, trying to find out if Facebook was misusing its market power to enforce abusive terms and conditions because of alleged data protection law violations. What sounds just like what antitrust authorities do, may in fact have a huge impact on Facebook and how it is behaving against its users.

Continue reading

Private use of the internet and the rights of the employer

Employers may collect browser data of their employees without their approval, if (1) there is reasonable suspicion that the employee uses his (business) computer and/or the office internet improperly and (2) there is no other means to prove this improper use than the collection of browser data (LAG Berlin-Brandenburg, Urt. v. 14.01.2016 – 5 Sa 657/15).

Continue reading

Filesharing reloaded

The Higher District Court in Munich (the “OLG”, 29 U 2593/15) revisited the evergreen topic “filesharing”. It ruled that, in case of an alleged copyright infringement, the owner of an internet connection has to present all known facts with regard to the infringer, even if such infringer is a family member. If the owner of the internet connection does not do so, he will be liable himself. Continue reading

Protection for protection rights: The Federal Court of Justice on safeguard measures for video games

The German Federal Court of Justice (“BGH”, Videospielkonsolen II) has stated that technical safeguard measures for video games fall under the scope of section 95a (3) nr. 3 of the German Copyright Act (“UrhG”), if such measures (in the case decided: Nintendo DS cards for Nintendo DS games consoles) are specifically designed to prevent illegal copies of the games which are played on the consoles.
Continue reading

Creative Commons and “non-commercial” use of works on websites

In a very recent ruling of 31 October 2014, the Higher Regional Court of Cologne (“OLG”) has further defined the scope of “commercial use” within the meaning of the Creative Commons Licenses de.creativecommons.org. According to the OLG (Az. 6 U 60/14), the use of a picture licensed under the CC-BY-NC 2.0-License to illustrate an article on a radio station’s website is “non-commercial” use within the meaning of the CC-License, even if users pay for the website by paying radio license fees. The OLG further discusses the question, when cutting a picture into shape can be considered as “adaptation” within the meaning of the license.
Continue reading

For bloggers and other content sharers: why framing of third party content does not violate third party copyright

The European Court of Justice (ECJ) has stated that framing of content (such as embedding Youtube videos or other content on blogs and other websites via link) does not violate the copyright of the author of the respective content. In particular, such framing is not considered a “making available to the public” according to the European directive on copyright in the Information Society (2001/29/EC) and section 19a of the German Copyright Act (“UrhG”). However, it can be derived from the court ruling that this applies only if the reproduction is not meant for a new audience and does not use a different reproduction technique.

Continue reading

(More) certainty ahead: liability of commercial operators of open WLAN networks

Commercial WLAN operators will soon be certain about when and in how far they are liable for violations of third party rights by their users. The District Court in Munich (7 O 14719/12) has stayed the proceedings in a pending litigation and has submitted questions to the European Court of Justice (ECJ).

Inter alia, the court asks the liability privilege regulated in the European e-commerce directive and the German Teleservices Act (“Telemediengesetz” – TMG) is to be interpreted in a way that claims for injunctive relief, damage claims, and claims for the reimbursement of costs for warnings and court proceedings are excluded against the WLAN-operator in general or at least with regard to the first violation of third party rights. According to the respective provisions in the directive and the TMG; access providers are not responsible for the information submitted through their services.

Continue reading