Weiter zum Inhalt
  • «
  • 1
  • »

Die Suche erzielte 7 Treffer.

C-252/21 Meta v Bundeskartellamt: The Lawfulness of Big Tech’s Processing of Personal Data and the Relationship Between Data Protection and Competition Law Journal Artikel

Ana-Maria Hriscu

European Data Protection Law Review, Jahrgang 9 (2023), Ausgabe 3, Seite 371 - 377

Case C-252/21 Meta Platforms v Bundeskartellamt, Judgement of the Court of Justice of the European Union (Grand Chamber) of 4 July 2023 (ECLI:EU:C:2023:537) Case C-252/21 Meta Platforms v Bundeskartellamt dealt with a number of important questions regarding the relationship between data protection and competition law, as well the lawfulness, from the standpoint of the Data Protection Regulation (GDPR)1, of the processing of personal data from third party online sources. This case note summarises the judgement and reflects, in the commentary, on Big Tech’s reliance on consent as a lawful ground for processing, on the opportunities of using data protection as a benchmark in competition law and finally, on challenges of seeing data protection through the prism of competition law in the online context.


Planet49: Pre-Ticked Checkboxes Are Not Sufficient to Convey User’s Consent to the Storage of Cookies (C-673/17 Planet49) Journal Artikel

Agnieszka Jabłonowska, Adrianna Michałowicz

European Data Protection Law Review, Jahrgang 6 (2020), Ausgabe 1, Seite 137 - 142

Case C-673/17 Bundesverband der Verbraucherzentralen und Verbraucherverbände - Verbraucherzentrale Bundesverband e.V. v Planet49 GmbH, Judgment of the Court (Grand Chamber) of 1 October 2019 Consent of a website user, required for the lawful storage of information or access to information already stored, in the form of cookies, in his or her terminal equipment is not validly constituted by way of a pre-ticked checkbox, which the user must deselect to refuse consent. Conditions for the lawful storage and access are not to be interpreted differently according to whether or not the information stored or accessed on a website user’s terminal equipment qualifies as personal data. Information that the service provider must provide to a website user, prior to the storage of information in his or her terminal equipment, includes information on the duration of the operation of cookies and whether or not third parties may have access to it. Articles 2(f) and 5(3) of Directive 2002/58/EC – Articles 2(h) and 10 of Directive 95/46/EC – Articles 4(11) and 13 of Regulation (EU) 2016/679



Privacy Nudges: Journal Artikel

An Alternative Regulatory Mechanism to ‘Informed Consent’ for Online Data Protection Behaviour

Sheng Yin Soh

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 1, Seite 65 - 74

The informed consent paradigm of data protection law in the EU has failed to foster privacy-protective behaviour online, due to findings from behavioural science such as bounded rationality and asymmetric information. Hence, this article proposes a soft paternalistic approach through the use of ‘privacy nudges’ as an alternative regulatory tool to informed consent to nudge users towards more optimal privacy protection decisions. This article also discusses the potential benefits of privacy nudges, some of the main critiques of nudging and future directions for improvement. Keywords: Privacy Nudge, Informed Consent, Behavioural Economics


Privacy Icons: Journal Artikel open-access

A Risk-Based Approach to Visualisation of Data Processing

Zohar Efroni, Jakob Metzger, Lena Mischau, Marie Schirmbeck

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 3, Seite 352 - 366

Although the institution of consent within the General Data Protection Regulation intends to facilitate the exercise of personal autonomy, reality paints a different picture. Due to a host of structural and psychological deficits, the process of giving consent is often neither informed nor does it foster self-determination. One key element in addressing this shortcoming is the visualisation of relevant information through icons. This article outlines a risk-based methodology for the selection, design and implementation of such privacy icons. It lays the groundwork for identifying risky data processing aspects as a first step in a larger project of creating a privacy icons set to accompany privacy policies. The ultimate goal of the privacy icons is to assist users in making better informed consent decisions through the visualisation of data processing aspects based on their inherent risks. Keywords: Privacy Icons, Consent, Risk-Based Approach, Private Autonomy, Legal Design


The Law Enforcement Directive: Journal Artikel

Conceptual Challenges of EU Directive 2016/680

Mark Leiser, Bart Custers

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 3, Seite 367 - 378

The Law Enforcement Directive (EU Directive 2016/680) has been heralded for its role in building a high level of data protection in criminal law. Data processed for ‘law enforcement purposes’ by ‘competent authorities’ must comply with principles of necessity, proportionality and legality, while ensuring appropriate safeguards in place for data subjects. However, there is ambiguity as to how the LED should work in practice due to several conceptual issues that the LED raises. This paper discusses three conceptual issues: consent, the categorisation of witnesses, suspects and victims, and the categorisation of facts versus opinions. Keywords: Law Enforcement Directive, Fundamental Rights, Consent, Law Enforcement Data, Directive 2016/680


Improving Consent in Information Privacy through Autonomy-Preserving Protective Measures (APPMs) Journal Artikel

Luiza Jarovsky

European Data Protection Law Review, Jahrgang 4 (2018), Ausgabe 4, Seite 447 - 458

In this article, I argue that due to numerous shortcomings, current online consent mechanisms do not allow data subjects to think, decide and choose according to their internal beliefs, therefore impairing essential individual freedoms – or capabilities, following Martha Nussbaum’s Capabilities Approach. I identify the main shortcomings of consent in privacy as issues of cognitive limitations, information overload, information insufficiency, lack of intervenability and lack of free choice, describing the type of imbalance present in each category. Then, based on current privacy theories and focusing on the concepts of autonomy and protection – and how they can be combined and manifested in policymaking - I propose the Methodology for Autonomy-Preserving Protection (MAPP), a methodology to evaluate (old) or design (new) measures to improve consent and reinstall the freedoms of thought, decision and choice in this context. According to the MAPP, if an entity A wants to generate positive welfare to an individual B, then: 1) the intentions or goals of A must be transparent, known to B and open to legal questioning and criticism; 2) the actions of A must be transparent, non-manipulative, known to B and open to legal questioning and criticism; and 3) the actions of A must not interfere in the decision-making capacities of B, preserving her autonomy. Lastly, applying the methodology, I present a non-exhaustive list of Autonomy-Preserving Protective Measures (APPMs), showing how they can enable the three freedoms highlighted in the present work and support more effective consent mechanisms. Keywords: Information Privacy, Consent, Data Protection, Autonomy, Paternalism

  • «
  • 1
  • »

Aktuelle Ausgabe