fbpx

Free tools and resources for Data Protection Officers!

Category Archives for "Court cases"

Google Hit With New Privacy Suit Over Voice Recordings

A group of California residents has sued Google over allegations that the tech giant violates state law by recording their conversations without consent.

Their complaint comes several weeks after the Dutch radio broadcaster VRT reported Google Home smart speakers and Google Assistant were transmitting consumers’ conversations to Google, even when people hadn’t first given the “Hey, Google,” or “OK, Google,” commands.

Three Illinois residents alleged in a complaint filed in Cook County, Illinois Circuit Court that Google’s collection and retention of voiceprints violates a state biometric privacy law.

Source: Google Hit With New Privacy Suit Over Voice Recordings 07/30/2019

Appeal against government mass surveillance loses in High Court

The human rights group Liberty has failed in its legal bid to put an end to the Investigatory Powers Act.

The law permits mass monitoring of connected devices to enable intelligence agencies to extend surveillance and government knowledge. But the legislation, branded the “Snoopers’ Charter” by its detractors has come under heavy criticism.

Source: Appeal against government mass surveillance loses in High Court

Websites Using Facebook “Like” Button Are Responsible for User Privacy

The Court of Justice for the European Union has ruled websites embedding the Facebook “like” button are responsible for user privacy.

In Fashion ID v Verbraucherzentrale NRW, the Court stated FashionID can be held jointly responsible with Facebook for compliance with Europe’s data protection rules. Facebook’s tracking technique collects the personal data of visitors to a third-party website and transfers it to Facebook.

Source: Top European Court Rules Companies Using Facebook “Like” Button Are Responsible for User Privacy

Privacy Group Files Legal Challenge to Facebook’s $5 Billion FTC Settlement

The Electronic Privacy Information Center (EPIC) says the deal would unfairly dismiss thousands of complaints against the tech giant.

EPIC requested a hearing where the court could review the fairness of the Facebook agreement and consider consumer groups’ complaints. If the court decides to grant such a hearing, a judge could require the trade commission to review outstanding consumer complaints and alter the terms of the proposed settlement.

Source: Privacy Group Files Legal Challenge to Facebook’s $5 Billion F.T.C. Settlement – The New York Times

European Commission refers Greece and Spain to Court

The European Commission decided to refer Greece and Spain to the Court of Justice of the EU for failing to transpose the EU rules on personal data protection (the Data Protection Law Enforcement Directive, Directive (EU) 2016/680).

In April 2016, the Council and the European Parliament agreed the Directive had to be transposed into national law by 6 May 2018.

Source: Data protection: Commission refers Greece and Spain to Court

UK decision to deny EU citizens access to data challenged in court

The government has been taken to court over its decision to deny European citizens the right to access data the Home Office holds on individuals in immigration cases.

In a high court judicial review, campaigners for EU citizens allege that a clause in the Data Protection Act 2018 unlawfully excludes them from rights they would otherwise hold to access private data held by third parties.

Source: UK decision to deny EU citizens access to data challenged in court | UK news | The Guardian

Google to pay $13 million over Street View data collection

Google has agreed to pay a $13 million settlement that could resolve a class-action lawsuit over the company’s collection of people’s private information through its Street View project.

The agreement, if approved by a judge, would resolve a 2010 suit over the Street View program’s privacy violations, ending nearly a decade of legal challenges related to the issue. The legal action began when several people whose data was collected sued Google after it admitted the cars photographing neighborhoods for Street View had also gathered emails, passwords and other private information from wifi networks in more than 30 countries.

Source: Google privacy lawsuit: Tech giant to pay $13 million over Street View data collection – CNN

CJEU’s hearing on Schrems II has both sides worried ruling could be sweeping

On July 9 the Court of justice of European Union had its session in so called Schrems II case. The question is; whether U.S. law on the access of national security agencies to the personal data of non nationals, the Foreign Intelligence Service Act, breaks European data protection laws. And if so, does that invalidate currently legal data transfer mechanisms?

Court heard from the Irish Data Protection Commissioner, Facebook, the Electronic Privacy Information Center, DigitalEurope, the Business Software Alliance, the European Commission, the European Data Protection Board, the U.S. government as well as several EU countries and representatives of Max Schrems himself.

The EU court’s Advocate General Henrik Saugmandsgaard Øe said he will give his non-binding opinion in the case December 12 this year, with a full decision expected by early 2020.

Source: CJEU’s hearing on Schrems II has both sides worried ruling could be sweeping

ECHR rules uninterrupted CCTV surveillance of detainees is breach of privacy

The case originated in three applications against the Russian Federation lodged with the European Court of Human Rights (Court). The applicants complained, in particular, that constant surveillance of their cells, at times by female guards, by closed-circuit television cameras had violated their right to respect for their private life, as guaranteed by Article 8 of the Convention for the Protection of Human Rights and Fundamental Freedoms.

The Court found that the permanent CCTV camera monitoring of the applicants, all in detention, breached their right to private life in contravention of Article 8 of the Convention.

Read ruling

SCHREMS 2.0 – the demise of Standard Contractual Clauses and Privacy Shield?

On July 9th, Europe’s highest court – the Court of Justice of the European Union (CJEU) – is set to hear a case concerning the validity of two key data transfer mechanisms: Standard Contractual Clauses (SCCs) and Privacy Shield – mechanisms widely used by businesses within the European Economic Area (EEA) to legitimise the transfer of personal data to countries outside the EEA.

There is a significant risk the CJEU will declare these transfer mechanisms as invalid. If this happens, many organisations will be left without any practical solution to legitimise the international transfer of personal data outside the EEA and exposure to the threat of GDPR revenue based fines, regulatory sanctions including injunctions and third party claims for compensation.

Read full article: SCHREMS 2.0 – the demise of Standard Contractual Clauses and Privacy Shield?

>