EU Issues Overview – 26 March – 1 April 2016 Thumbnail
Newsletters 7 April 2016

EU Issues Overview – 26 March – 1 April 2016

Data protection

EU: Pending cases on data retention may threaten the EU-US Privacy Shield

  • In her recent speech on the Privacy Shield delivered in the European Parliament, Isabelle Falque-Pierrotin, Chair of the Article 29 Working Party and President of the French data protection watchdog CNIL, stated that bulk collection of data is one of the key areas which needs to be addressed. 
  • Falque-Pierrotin referred to three cases on the legality of bulk data collection which are currently pending at the Court of Justice of the European Union. The first case concerns an agreement between the EU and Canada on sharing airline passenger data for law enforcement purposes and two on the retention of communications data by telecoms companies. 
  • It was argued that the cases are particularly relevant to the Privacy Shield, especially if the judges decide that EU rules for data collection should be more restrictive. Such a decision could translate into US commitments on surveillance practices falling short of EU standards. A senior official of the US government said that the Privacy Shield was negotiated based on the current EU law, should the rules be modified, changes to the agreement might become necessary.
  • On 7 April, the Article 31 Committee composed of Member States representatives will gather to discuss the transatlantic data agreement. The umbrella organisation of EU data protection authorities, the Article 29 Working Party, is expected to present its opinion on the agreement and on the alternative tools for transatlantic data transfers following its plenary meeting on 12 and 13 April.

Global: Survey reveals a majority favourable to law enforcement authorities’ access to data

  • The Centre for International Governance Innovation (CIGI) has published its 2016 Global Survey on Internet Security and Trust. Conducted by Ipsos, the survey reached over 24,000 Internet users in 24 countries around the world, including France, Germany and the UK.
  • The results of the survey showed that seven in ten people think that the dark net should be shut down. The survey also revealed that only 38% of respondents trust that their activities on the Internet are not being monitored.
  • As for law enforcement authorities’ access to private online conversations, 70% of respondents stated that authorities should have a right to access, if they have valid national security reasons. The survey found that 63% of respondents agree that companies should not develop technologies that would undermine law enforcement’s ability to access data.

EU: Swedish operator risks fine over law enforcement authorities’ access to data

  • PTS, Sweden’s telecom regulator, ordered telecom operator Bahnhof to hand over five sets of subscriber data. Following the annulation of the EU Data Retention Directive, the operator stopped retaining subscribers’ data. However, a review conducted by a Swedish court concluded that the domestic law remains valid as it respects safeguards included in the EU privacy law for the telecom sector.
  • Bahnhof complied with a November 2015 order requiring the company to resume data retention but has since refused to hand over the data requested by the police as they did not concern a serious crime. The operator has argued that EU case law established that data handover should be limited to serious crimes only.

EU: Google says EU data protection watchdogs satisfied with its delisting system

  • Chiara Garofoli, a central litigation counsel for Google in Europe, announced that since the landmark ruling of the Court of Justice of the European Union on the right to be forgotten, the company reviewed about 1.5 million links.
  • Reacting to remarks that delisting decisions should be made by a court or a data protection authority (DPA), not by private companies, Garofoli said that out of 400,000 requests for removal of links from Google’s search index, fewer than 1,000 have been questioned by DPAs. Last week, CNIL fined Google for failing to delist links across all its domains.

EU: ENISA publishes a report on privacy enhancing technologies

  • The European Network and Information Security Agency published a report on Privacy Enhancing Technologies (PETs), assessing their quality and technology readiness.
  • The report includes the results of two pilot tests of the proposed scales and methodology which allow comparing different PETs.


EU: Parliament starts its work on the proposed content portability Regulation

  • MEP Jean-Marie Cavada (ALDE, France) will lead the European Parliament’s work on the proposed Regulation on the cross-border portability of online content services the European Commission presented in December 2015. Cavada is Vice-Chair of the Parliament’s Committee on Legal Affairs and coordinator of a working group on intellectual property rights and copyright framework reform.
  • The proposal would create a new right for EU consumers who have subscribed to or acquired content in their home country and who shall be able to access it when temporarily present in another EU Member States. The definition of a consumer’s temporary state in another EU Member State may prove to be one of the contentious areas of the proposal.
  • The Dutch Presidency of the Council of the EU aims to have a draft version of the Regulation agreed on before the end of June. In the Presidency’s first draft compromise text, provisions on country of residence were strengthened, requiring online streaming services to verify the user’s country of residence.


EU: Director of ENISA warns against forcing companies to create backdoors to encryption

  • Udo Helmbrecht, Director of ENISA (European Network and Information Security Agency) stated that technology companies should not be forced to create backdoors for law enforcement agencies to access encrypted communication. 
  • The statement contrasts with the stance adopted by German Interior Minister Thomas de Maizière and French Prime Minister Manuel Valls who, following the Brussels attacks, stated that authorities need greater access to data.

Related articles

Newsletters 3 April 2020

Kilima: Highlights from ISOC Africa – March 2020

Africa Regional Bureau Newsletter for March 2020

Newsletters 3 February 2020

Kilima: Highlights from ISOC Africa – January 2020

Africa Regional Bureau Newsletter for January 2020

Newsletters 12 December 2019

Kilima: Highlights from ISOC Africa – November 2019

Africa Regional Bureau Newsletter for November 2019