All posts by Carlo Piltz

Datonomy readers may have had to grapple with the tricky issue of which national data protection law to apply in the context of an online service with a cross border dimension. They are not alone - the German courts have recently considered the issue in relation to Facebook's operations. In April, the German Higher Administrative Court of Schleswig-Holstein ruled that German data protection law does not apply to Facebook's collection and processing of personal data of users in Germany. Instead only Irish data protection law would be applicable. The case The Internet giant faced an order by the Independent Data Protection Authority of Schleswig-Holstein, which wanted to force Facebook to allow German users the use of pseudonyms for the registration and for their profile names instead of the real name. German data protection law obliges website providers to enable this feature to the extent that this is technically possible … Continue Reading ››
On 27 February 2013, the Article 29 Working Party (hereinafter "Article 29 WP") adopted its newest Opinion WP 202 (hereinafter "Opinion") regarding apps on smart devices. This article summarizes some of the most important statements and guidelines provided by the European data protection authorities. Applicable law First of all, the Opinion emphasizes that the Data Protection Directive (95/46/EC) and the ePrivacy Directive (2002/58/EC, as revised by 2009/136/EC) constitute the relevant EU legal framework for the processing of personal data via apps on smart devices and that both directives are imperative laws which cannot be excluded by contractual agreement. Four main parties Hereafter, the Opinion identifies four main parties which, depending on the purposes and means of the respective data processing activity, carry different responsibilities: 1. App developers According to the Opinion, app developers decide the extent to which apps access and process personal data in the device and insofar have to be regarded as data … Continue Reading ››