Olswang Germany IT and Data Protection Newsletter – Year End Edition 2014

Andreas Splittgerber

The 2014 Year End Newsletter looks at:

I. Article 29 Working Party publishes Opinion on “Internet of Things”

II. Data protection and competition law – statement by the Federal and State Commissioners for Data Protection

III. Are IP-addresses personal data? – German Federal Court of Justice ask ECJ

IV. Data processing for marketing: new guidelines

V. Outlook on current draft laws and recommended reading

 

A brief summary of each point is below – to read the full newsletter, please click here.

 

I. Article 29 Working Party publishes Opinion on “Internet of Things”

The WP29 considers IoT as generally permitted, but clearly states that any stakeholder is responsible for data protection. Despite of consent requirements and transparency obligations, personal data should be aggregated to the greatest extent possible and the principles of privacy by default and privacy by design shall be applied by the
stakeholders.

II. Data protection and competition law – statement by the Federal and State Commissioners for Data Protection

While competition authorities should not turn into data protection authorities (and vice versa), the nexus between data and competition needs to be given more attention in future competition investigations in data-driven high-tech markets.

III. Are IP-addresses personal data? – German Federal Court of Justice ask ECJ

The decision by the ECJ will above all affect all EU operators of Websites that allow surfing without personal registration. The decision by ECJ is not expected before well into 2015, but perhaps the European legislator takes the topic into account in the course of finalising the European Data Protection Regulation.

IV. Data processing for marketing: new guidelines

The Guidelines provide solid assistance and relatively secure guidelines with regard to data protection and marketing.

V. Outlook on current draft laws and recommended reading

Draft laws in IT security and Data Protection:
• Draft Directive on the Protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure
• Draft bill of the IT-Security Act (IT-Sicherheitsgesetz)
• Draft of the General Data Protection Regulation (inofficial consolidated version)

New papers by the Article 29 Working Party:
• Guidelines on the implementation of the Court of Justice of the European Union judgment on “Google Spain and inc v. Agencia Española de Protección de Datos (AEPD) and Mario Costeja González” c-131/121 – WP 225
• Opinion 9/2014 on the application of Directive 2002/58/EC to device fingerprinting – WP 224
• Working Document on surveillance of electronic communications for intelligence and national security purposes – WP228

Leave a Reply

Your email address will not be published. Required fields are marked *