Category Archives: EU

Made in the EU with GDPR inside!

Qwant“Made in the EU with GDPR inside”, will this be the new label to look for when seeking a quality online service with reliable privacy guarantees?

On 27 April 2016 the EU General Data Protection Regulation (the GDPR) was passed and will come into effect on May 25th 2018. Despite various messages from national data protection authorities (e.g. the ICO) and the EU directorate general in charge of internet, DG Connect urging companies not to wait until the last minute to make sure their services are compliant, many are still not sure what exactly a GDPR compliant Terms of Service or Privacy policy might look like.

Continue reading Made in the EU with GDPR inside!

EDPS Civil Society Summit

EDPS_new_logoOn June 16th we joined civil society organizations like Privacy International, the European Digital Rights association EDRi and various others for a half-day civil society summit organized by the European Data Protection Supervisor (EDPS). On the agenda were a brief overview of the “Big Issues in Privacy and Data Protection in 2016” by Joe MCNamee of EDRi followed by three one-hour sessions on “Implementation of the GDPR, consistency, flexibility, guidelines” introduced by Anna Fielder (Privacy International); “Reform of e-Privacy Directive: What’s at stake?” introduced by Prof. Ian Brown (Oxford Internet Institute); and “Necessity and proportionality and data protection” introduced by Ralf Bendrath (German Working Group on Data Retention and Digitale Gesellschaft).

Continue reading EDPS Civil Society Summit

EuroDIG 2016

EuroDIG2016From June 8th to 10th we attended EuroDIG 2016, the annual Pan-European Dialogue on Internet Governance conference that was held in Brussels this year.

Continue reading EuroDIG 2016

Are Privacy Shield/Kitemarks the solution for transparent Terms & Conditions?

ICO-urges-firms-to-get-privacy-sealsAt the heart of current online consumer protection is the concept of informed consent where by the prospective consumer makes a conscious decision to sign up to a service with full knowledge and consent to the consequences of doing so. Even in the newly signed EU General Data Protection Regulation, which will go into effect in 2018, this will not fundamentally change. For anyone who has ever used a commercial internet service however, and this included policy makers, it is glaringly obvious that there is a fundamental flaw in this approach, namely the assumption that the consumer has a good understanding of the contract that is being entered into.

Continue reading Are Privacy Shield/Kitemarks the solution for transparent Terms & Conditions?

‘Online platforms and the Digital Single Market’ report by the House of Lords EU Internal Market Sub-Committee

HoL_OnlinePlatformsThis week saw the publication of the report on ‘Online platforms and the Digital Single Market’ by the House of Lords EU Internal Market Sub-Committee. This reports presents the findings of the inquiry that was held from October 2015 till spring 2016, receiving 85 written responses and 20 oral evidence sessions. Included in the written responses were two from Horizon Digital Economy Research, one by Prof. Rodden and one by myself which we partially posted on this blog about in October 2015. The main driver for this inquiry was the publication in May 2015 by the European Commission (EC) of its ‘Digital Single Market Strategy for Europe’ (DSM), which drew attention to the growing role of online platforms as key players in social and economic interactions on the internet, and was followed on 24 September by the launch of an EC consultation ‘A fit for purpose regulatory environment for platforms and intermediaries’. For the purposes of both the EC consultation and the Lords’ inquiry online platforms were considered to ‘represent a broad category of digital businesses that provide a meeting place for two or more different groups of users over the Internet, examples of which include search engines, online marketplaces, the collaborative or sharing economy, and social networks’. What follows is an incomplete summary of the findings in the report, with a focus on the issues related to fundamental rights of platform users (e.g. privacy), the role of algorithms and user consent, which are most closely related to our work at CaSMa.

Continue reading ‘Online platforms and the Digital Single Market’ report by the House of Lords EU Internal Market Sub-Committee

DG Connect survey on the ‘future of the internet’

EU_NetFuturesThe European Commission Directorate General for Communications Networks, Content & Technology, a.k.a DG Connect recently launched a survey (deadline April 10th 2016) on the ‘future of the internet’ as part of its Net Futures agenda, which was established to “pioneer and coordinate research, innovation, and policy initiatives on what lies beyond the current internet architecture, software and services.” Below is a copy of my submission to the survey.

Continue reading DG Connect survey on the ‘future of the internet’

Digital4EU stakeholder forum (summary)

digital4euOn 25th February 2016, the Digital4EU Stakeholder Forum, organized by the European Commission, took place in Brussels. This one day conference was centred on the progress made in creating a Digital Single Market in Europe. The agenda of the day started with a pre-conference breakfast session about the European Fund for Strategic Investment (EFSI)’s financing opportunities for digital projects, especially for extending the roll-out of Broadband internet connections in rural areas that have not yet achieved full internet penetration.

Continue reading Digital4EU stakeholder forum (summary)

General Data Protection Regulation: Implications for Children Digital Rights

According to the General Data Protection Regulation (GDPR,) information society services that wish to process any personal information related to a child under the age of 16 years will require parental/guardian consent. The GDPR is the European Commission’s tool that will unify data protection in the EU and there are plans for it to be adopted in 2018. In the most recent GDPR draft released by the European Council, the age limit where parental consent is mandatory has raised from 13 to 16 years. The implications for children digital rights are not well understood and, at the moment, nobody knows if this regulation will protect children or by the contrary make them more vulnerable. Something certain is that, until now, minimal consultation to incorporate the children voice has taken place and consequently, children’s digital rights are not being treated with the respect or seriousness they deserve.

consent comic Continue reading General Data Protection Regulation: Implications for Children Digital Rights

EU data protection reform

EUDataProtectionReformThe EU regulatory framework for protection of personal data is undergoing major reform in order to tackle persisting differences between national data protection regimes across the EU. Additional objectives of the reform include strengthening data protection in line with its status as a fundamental right in the EU constitutional order, increasing public trust in online services, and minimising data controllers’ compliance burdens. As part of this reform the European Commission issued a proposal in  2012 for a General Data Protection Regulation (GDPR) which is to replace the current Data Protection Directive (Directive 95/46/EC).

Continue reading EU data protection reform