fbpx

Category Archives for "Court cases"

Court of Amsterdam decision demonstrates “threshold for use of fingerprints is high”

The Court of Amsterdam (‘the Court’) issued, on 15 August 2019, its decision on Case 7728204 CV VERZ 19-9686, where it upheld the choice of an employee of Manfield Schoenen BV, a retail company, who refused to provide their fingerprint for a newly introduced system of finger scan authorisation for cash registers.

The Decision highlights that Article 29 of the Act Implementing the GDPR (‘UAVG’) allows the processing of biometric data, such as fingerprints for the purpose of unique identification if the same is a necessity to fulfil authentication or security purposes. In addition, the Decision also notes that the processing of such biometric data is forbidden under Article 9(1) of the General Data Protection Regulation (GDPR).

Source: Netherlands: Court of Amsterdam decision demonstrates “threshold for use of fingerprints is high”

German court decides on the scope of GDPR right of access

The Supervisory Authority of Hesse region stated that the term “copy” in Art 15 GDPR should not be understood literally but rather in the sense of a “summary”.

This interpretation appears to conflict with an earlier decision of the Labor Appeals Court of Stuttgart which ordered an employer to provide actual copies of all information held by the company.

More recently, the Appeal Court of Cologne held that the customer of an insurance company is entitled to access all personal data pertaining to him and processed by the company, including any internal notes regarding conversations between company employees and the customer.

Source: German court decides on the scope of GDPR right of access

Google Hit With New Privacy Suit Over Voice Recordings

A group of California residents has sued Google over allegations that the tech giant violates state law by recording their conversations without consent.

Their complaint comes several weeks after the Dutch radio broadcaster VRT reported Google Home smart speakers and Google Assistant were transmitting consumers’ conversations to Google, even when people hadn’t first given the “Hey, Google,” or “OK, Google,” commands.

Three Illinois residents alleged in a complaint filed in Cook County, Illinois Circuit Court that Google’s collection and retention of voiceprints violates a state biometric privacy law.

Source: Google Hit With New Privacy Suit Over Voice Recordings 07/30/2019

Appeal against government mass surveillance loses in High Court

The human rights group Liberty has failed in its legal bid to put an end to the Investigatory Powers Act.

The law permits mass monitoring of connected devices to enable intelligence agencies to extend surveillance and government knowledge. But the legislation, branded the “Snoopers’ Charter” by its detractors has come under heavy criticism.

Source: Appeal against government mass surveillance loses in High Court

Websites Using Facebook “Like” Button Are Responsible for User Privacy

The Court of Justice for the European Union has ruled websites embedding the Facebook “like” button are responsible for user privacy.

In Fashion ID v Verbraucherzentrale NRW, the Court stated FashionID can be held jointly responsible with Facebook for compliance with Europe’s data protection rules. Facebook’s tracking technique collects the personal data of visitors to a third-party website and transfers it to Facebook.

Source: Top European Court Rules Companies Using Facebook “Like” Button Are Responsible for User Privacy

Privacy Group Files Legal Challenge to Facebook’s $5 Billion FTC Settlement

The Electronic Privacy Information Center (EPIC) says the deal would unfairly dismiss thousands of complaints against the tech giant.

EPIC requested a hearing where the court could review the fairness of the Facebook agreement and consider consumer groups’ complaints. If the court decides to grant such a hearing, a judge could require the trade commission to review outstanding consumer complaints and alter the terms of the proposed settlement.

Source: Privacy Group Files Legal Challenge to Facebook’s $5 Billion F.T.C. Settlement – The New York Times

European Commission refers Greece and Spain to Court

The European Commission decided to refer Greece and Spain to the Court of Justice of the EU for failing to transpose the EU rules on personal data protection (the Data Protection Law Enforcement Directive, Directive (EU) 2016/680).

In April 2016, the Council and the European Parliament agreed the Directive had to be transposed into national law by 6 May 2018.

Source: Data protection: Commission refers Greece and Spain to Court

UK decision to deny EU citizens access to data challenged in court

The government has been taken to court over its decision to deny European citizens the right to access data the Home Office holds on individuals in immigration cases.

In a high court judicial review, campaigners for EU citizens allege that a clause in the Data Protection Act 2018 unlawfully excludes them from rights they would otherwise hold to access private data held by third parties.

Source: UK decision to deny EU citizens access to data challenged in court | UK news | The Guardian

Google to pay $13 million over Street View data collection

Google has agreed to pay a $13 million settlement that could resolve a class-action lawsuit over the company’s collection of people’s private information through its Street View project.

The agreement, if approved by a judge, would resolve a 2010 suit over the Street View program’s privacy violations, ending nearly a decade of legal challenges related to the issue. The legal action began when several people whose data was collected sued Google after it admitted the cars photographing neighborhoods for Street View had also gathered emails, passwords and other private information from wifi networks in more than 30 countries.

Source: Google privacy lawsuit: Tech giant to pay $13 million over Street View data collection – CNN

CJEU’s hearing on Schrems II has both sides worried ruling could be sweeping

On July 9 the Court of justice of European Union had its session in so called Schrems II case. The question is; whether U.S. law on the access of national security agencies to the personal data of non nationals, the Foreign Intelligence Service Act, breaks European data protection laws. And if so, does that invalidate currently legal data transfer mechanisms?

Court heard from the Irish Data Protection Commissioner, Facebook, the Electronic Privacy Information Center, DigitalEurope, the Business Software Alliance, the European Commission, the European Data Protection Board, the U.S. government as well as several EU countries and representatives of Max Schrems himself.

The EU court’s Advocate General Henrik Saugmandsgaard Øe said he will give his non-binding opinion in the case December 12 this year, with a full decision expected by early 2020.

Source: CJEU’s hearing on Schrems II has both sides worried ruling could be sweeping

>