Privacy & Information Security Law Blog

On May 25, 2021, the Grand Chamber of the European Court of Human Rights handed down its judgement in the case of Big Brother Watch and Others v. the United Kingdom, determining that the former surveillance regime in the UK violated Article 8 of the European Convention on Human Rights (“ECHR”), i.e., the right to respect for private and family life.

On July 19, 2016, Advocate General Saugmandsgaard Oe (“Advocate General”), published his Opinion on two joined cases relating to data retention requirements in the EU, C-203/15 and C-698/15. These cases were brought following the Court of Justice for the European Union’s (“CJEU's”) decision in the Digital Rights Ireland case, which invalidated Directive 2006/24/EC on data retention. The two cases, referred from courts in Sweden and the UK respectively, sought to establish whether a general obligation to retain data is compatible with the fundamental rights to privacy and data protection under EU law.

On January 12, 2016, the European Court of Human Rights (“the Court”) ruled in Bărbulescu v. Romania that companies can monitor their employees’ online communications in certain circumstances.

The case concerned the dismissal of a Romanian engineer, Bărbulescu, by his employer, for the use of the company’s Internet and in particular, Yahoo Messenger, for personal purposes during work hours. The employer alleged that Bărbulescu was violating internal regulations that prohibit the use of the company’s equipment for personal purposes.

On the 25th anniversary of his first proposal for what would become the World Wide Web (the “Web”), Sir Timothy John “Tim” Berners-Lee expressed concern at what he sees as the increasing threat that governments and commercial interests pose to the openness and accessibility of the Web. In a wide-ranging interview with the UK’s The Guardian newspaper, Berners-Lee criticized the approach that some lawmakers have taken on issues such as net neutrality and copyright legislation, as well as the decision by some countries to limit access to the wider Internet. He also called for an end to the control that the U.S. Department of Commerce exerts over the Internet Domain Name System.

On March 2, 2010, the German Federal Constitutional Court ruled that the mass storage of telephone and Internet data for law enforcement purposes is unlawful in its current form.

Since 2008, the challenged law has required telecom companies to retain data from telephone, email and Internet traffic, as well as mobile phone location data, for six months.  This information may be retrieved for law enforcement and safety purposes.  Constitutional claims were brought before the Court by nearly 35,000 citizens, representing the largest mass claim proceeding in German history. 

On January 12, 2010, Ms. Viviane Reding, Commissioner-designate for Justice, Fundamental Rights and Citizenship, was questioned during a public hearing before the European Parliament.  During this hearing, Ms. Reding revealed her priorities in the field of privacy and data protection.  “Fundamental rights and data protection will be top of the line” said Ms. Reding, who explained that she intends to incorporate the EU’s data protection rules into a modern and comprehensive legal instrument.