Can't find what you're looking for? Try the search bar or refine your parameters using the Frameworks & Concepts button above.
The European Commission’s announcement that it will consider simplifying regulatory regimes, notably in relation to data and technology, seems to open Pandora’s box. Is it a chance to draw lessons from what works well and what works less well? In this series on “Better Regulation” in relation to the digital economy, I will be exploring […]
Why the “TCF is illegal” claim is incorrect (and why both sides are saying opposite things): 1. The claim for joint controllership of IAB Europe over further processing (and OpenRTB in particular) was denied. This is significant. Some plaintiffs expressed their disappointment with the CJEU’s position on this during a conference at the VUB (Free […]
The Market Court decision is out in the IAB Europe / TCF vs Belgian DPA case, and its conclusion is nuanced (as one of the few to have truly read the judgment, trust me on this): (i) TC Strings are (were?) personal data under TCF 2.0, (ii) IAB Europe is (was?) joint controller regarding TC […]
Since November 2023*, I have been giving lots of thought to EDPB accountability – and how to challenge it. The recent General Court judgment setting aside Meta’s challenge to the Consent or Pay Opinion appears at odds with the Advocate General’s Opinion in the CJEU case regarding a WhatsApp binding decision of the EDPB. The CJEU […]
The European Commission’s announcement that it will consider simplifying regulatory regimes, notably in relation to data and technology, seems to open Pandora’s box. Is it a chance to draw lessons from what works well and what works less well? In this series on “Better Regulation” in relation to the digital economy, I will be exploring […]
Great events I’ll have the pleasure of speaking at in May: 1?? First, an IAPP web conference on adtech where I will be speaking alongside Dr. Sachiko Scheuing (with Joe Jones as moderator). “Adtech: Practical takeaways from recent EU developments”, on 7 May 2024 (4-5pm CET; 10-11am Eastern US). Organised by the IAPP – International […]
Are Guidelines of the European Data Protection Board “challengeable acts”, and could you attack them before the General Court of the EU? What about Art. 64 GDPR Opinions of the EDPB? The Advocate General’s Opinion in the WhatsApp v EDPB case (re EDPB Binding Decisions) suggests that the answer could be “yes” regarding those Art. […]
Not convinced by the reasoning of CJEU Advocate General Szpunar in the Inteligo Media case on the notion of “direct marketing”. Why? (i) The reasoning on Art. 13(2) of the ePrivacy Directive (ePD) seems flawed. The AG suggests that “Article 13(2) [ePD] deals comprehensively with the question of consent” (para. 50) and that its lex specialis […]
Belgian DPA’s direct marketing recommendation: great first attempt, but questionable positions included. First thoughts: [The BDPA has published a new direct marketing recommendation (replacing one of 5 years ago), and it’s a very good document. A public consultation is open until 10 May, and I hope some comments will deal with its shortcomings.] – Claim […]
Looking back + forwards, 4 big topics for me on LinkedIn in 2024 & likely still for 2025 are the following:– ePrivacy– “Consent or Pay”– AI & personal data– Cybersecurity The key ePrivacy topic was the European Data Protection Board’s guidelines on the technical scope of Art. 5(3) of the ePrivacy Directive – basically, “to […]
