Data & IT Law Monthly December 2015: Data Protection in China or EU General Data Protection Regulation
The overview of interesting Data & IT Law articles and news in December 2015!
The agreement on the General Data Protection Regulation compromise text
After several years of negotiations and preparations, The Permanent Representatives Committee of the Council confirmed that the Council, the European Parliament and European Commission had agreed on the compromise text of the General Data Protection Regulation on December 15, 2015.
Many authors addressed the issue, which institution had a bigger influence on the final text. In the wonderful article by Blomberg, the authors argue:
“On the one hand, the inclusion of non-EU processors to the scope of application of the GDPR (Article 3 (2)) and of biometric data as a special category of sensitive data (Article 9) and the use of standardized icons to inform individuals about the data processing activities (Article 12 (4b) and (4c)) were legislative efforts by the Parliament. On the other hand, it was mainly the Council’s effort to include a definition of genetic data (Article 4 (10)), limit the processing of data relating to criminal convictions and offences (Article 9a), and determine the situations where the appointment of a data protection officer is mandatory (Article 35).“
Another group of authors started to publish different types of guides and introductions to GDPR. One of them is by Olivier Proust from fieldfisher.com. They published several posts about various issues, such as profiling or third party relations.
The US Court of Appeals held that Facebook “likes” are Protected Employee Conduct
The authors at JD Supra had addressed an interesting recent case from the USA. The United States Court of Appeals for the Second Circuit dealt with the situation, in which “a group of non-union employees who worked at the sports bar discovered they owed more employment taxes than they had originally expected.” One of them posted a Facebook post, criticizing the employer, some of them commented and liked the post. The employer discharged the author of the post and terminated the employment of an employee who “liked” the post.
It was the Court of Appeals that had eventually dealt with the issues. It argued that “the posts were protected by the Act (National Labor Relations Act), specifically finding that the use of the “Like” option was protected conduct.” The authors argue that “this decision serves as a good reminder that, before disciplining an employee for social media posts, employers should appreciate that posts that reflect negatively on the employer are not necessarily legitimate grounds for discipline.”
Data protection in China: EU perspective
The European Parliament’s Civil Liberties, Justice and Home Affairs Committee requested a report on the data protection regulation in China. The report can be accessed here. It deals with the constitutional, criminal, judiciary and civil basis of data protection as well as the specific features of the regulation.
The authors at Bloomberg had summarized the report using these words: “China has a privacy regime, sorta-kinda. You can, apparently, make out the faint outline of a data protection framework if you throw a really broad net, stay open-minded about what might constitute a privacy law, and use your imagination.”
The consequences of Belgium´s decision about Facebook´s use of cookies
In Belgium, Facebook was prohibited the use of a tracking cookie for users, who had not signed up to the terms and service and explicitly granted the company permission. Facebook was given a fine for every day the browsers of the users still have the cookie inside them.
The company protested that the cookie was used for other purposes. “It has opted to block these users rather than removing the cookie and said it may place extra security measures for Belgian members who try to log in from browsers that it had not previously seen.”
The case was also interesting due to the fact that a Belgian court found that it had jurisdiction to address the case.
December issue of JIPITEC
The seventeenth issue of the Journal of Intellectual Property, Information Technology and Electronic Commerce Law (JIPITEC) was launched. You may download it on its website.
Among other things, you may read about:
- Information as a property by Herbert Zech
- Scoping Electronic Communication Privacy Rules: Data, Services and Values by Joris van Hoboken and Frederik Zuiderveen Borgesius
- Welcome to the Jungle: The Liability of Internet Intermediaries for Privacy Violations in Europe by Bart van der Sloot
- Getting Privacy to a new Safe Harbour. Comment on the CJEU Judgment of 6 October 2015, Schrems v Data Protection Commissioner by Philipp E. Fischer
