The Court of Justice of the European Union (CJEU) has handed down a reference for a preliminary ruling in Case C-610/15 (Stichtin Brein v Ziggo BV, XS4ALL Internet BV), holding that making available and managing an online platform for sharing copyright-protected works may constitute an infringement of copyright.
Continue Reading CJEU issues ‘The Pirate Bay’ judgment

In Aldi Stores (Ireland) Limited and Aldi GMBH & Co. KG v Dunnes Stores [2017] IECA 116, Dunnes Stores (Dunnes) succeeded in its  appeal against a High Court ruling that its 2013 comparative advertising campaign against Aldi was contrary to EC (Misleading and Comparative Advertising) Regulations, 2007 (the 2007 Regulations) and the Consumer Protection Act, 2007 (the 2007 Act).

In essence, the Court of Appeal determined that the High Court applied the wrong test.  It did not make a decision as to whether the 2013 campaign was lawful, but criticised a number of adverse findings made by the High Court.Continue Reading Comparative Advertising in the Court of Appeal

The General Scheme of the Data Protection Bill 2017 was published last Friday and we have prepared a summary of its main provisions here.

The drafting of the Bill is a complex task. There is a need to repeal the provisions of the Data Protection Acts 1988 and 2003 that are replaced by the directly effective provisions of the GDPR, to transpose the Law Enforcement Directive (2016/680) and at the same time to give effect to provisions of the GDPR that require national implementing measures.

Although not stated definitively, it appears that consideration is being given to having a
Continue Reading New Data Protection Bill Published

The Article 29 Working Party (WP29) (consisting of data protection regulators from the 28 Member States) has adopted an Opinion 01/2017 on the proposed e-Privacy Regulation, which will repeal and replace the e-Privacy Directive. Whilst the WP29 welcomes the proposal, it identifies several points of concern, and sets out how the proposal can be improved.
Continue Reading WP29 gives lukewarm welcome to proposed e-Privacy Regulation

The Article 29 Working Party (WP29) has proposed guidelines to help organisations identify when it is necessary to carry out a Data Protection Impact Assessment (DPIA) and how to do so. The guidelines are open to public comment until 23 May 2017.  DPIAs involve evaluating the potential impact that a new project will have on the privacy of individuals, and identifying ways to mitigate or avoid any adverse effects in advance of processing.  The GDPR requires DPIAs to be carried out when processing is likely to result in a “high risk” to the rights and freedoms of natural persons.
Continue Reading WP29 publishes draft guidelines on DPIAs

The Data Protection Commissioner (DPC) has published her Annual Report for 2016.  It highlights key developments and activities of her Office last year, as well as priorities for 2017, which will be “all about GDPR readiness“.  2016 was a busy year for the DPC’s Office.  It dealt with an increased number of queries, complaints and data breach notifications. The DPC continued her engaged approach to regulation, engaging extensively with multinational companies, such as Facebook, LinkedIn, Apple and WhatsApp on proposed new policies, products and services, conducting over 100 face-to-face meetings. The DPC also engaged with a number of entities in the public, health and private/financial sectors.
Continue Reading Data Protection Commissioner publishes Annual Report for 2016

The Article 29 Working Party (WP29) has issued its final guidance on Data Protection Officers (DPOs), Data Portability and Lead Supervisory Authority, in response to stakeholders’ comments. Some of the new points raised in the revised guidance are set out below.
Continue Reading WP29 issues final guidance on DPOs, Data Portability and Lead Authority

In Rolf Anders Daniel Pihl v Sweden, the European Court of Human Rights (ECHR) agreed with Swedish authorities that a non-profit association was not liable for anonymous defamatory comments posted on its blog. The ECHR held that the Swedish authorities’ refusal to hold the owner of the blog liable for the anonymous defamatory online comment did not violate the European Convention on Human Rights (the Convention).
Continue Reading Blog owner not liable for anonymous defamatory online comments

The Irish Commercial Court has ordered nine ISPs to block three websites offering illegal downloading or streaming of copyrighted movies and TV shows.  The action was brought by Motion Pictures Association, representing six film and TV studios.  The Court held that it was clear there had been infringement of copyright, that it would not result in the lawful use of the internet being interfered with and the order was proportionate to the damage being caused. None of the ISPs opposed the application for the injunction.  However one ISP raised concerns about cost implications of dealing with a large number of sites into the future, and asked the court to put a cap on the number of illegal website notifications a month, which movie companies could direct ISPs to block.  The Judge refused to grant a cap on notifications.
Continue Reading Court orders ISPs to block illegal streaming websites