The efforts of the Beeb in the Divisional Court have clarified the conditions to be satisfied before a Court can require journalistic material be produced in criminal cases.
When to assess the public interest in a FOIA request? Four years ago says Upper Tribunal in Maurizi
Heading off the FOIA equivalent of a zombie apocalpyse, the Upper Tribunal has driven a stake through the heart of the contention (long presumed dead) that the public interest in a FOIA request is to be assessed at a time other than when the public authority first refused the request.
Mean Ms Mustard (Or: covert recordings as admissible evidence)
Ms Mustard was injured in a road traffic accident, for which she claims compensation. She was examined by medical experts appointed by the insurer. She covertly recorded two of those consultations deliberately, and a third accidentally. She wants to deploy those recordings as evidence in support of her claim. The insurer objected, arguing that the recordings constituted unlawful processing contrary to the GDPR and the DPA 2018. Continue reading
(Thumb)nail in the coffin for the prohibition on monitoring?
Article 15(1) of the E-Commerce Directive (2000/31/EC) has long been a useful weapon in the armoury of social media platforms and search engines by prohibiting a “general monitoring obligation”. This, they argue, means that they can only be required to remove specific unlawful content that is identified by the complainant or court, but no more. The problem with this is that it is very easy for the unlawful content to be spread far and wide and the complainant is required to play whac-a-mole, identifying every repetition and variation of that content.
In today’s judgment in Eva Glawischnig-Piesczek v Facebook Ireland Limited (Case C-18/18), the CJEU has given important guidance in relation to the removal of content which contains identical wording to the original unlawful content or which has “equivalent” content.
Google: forget the right to be forgotten – here come class actions
Google got a good result from the CJEU last week on the right to be forgotten front: in Google LLC v CNIL (Case C‑507/17), the French DP regulator’s rather ambitious demand for global delisting on right to be forgotten grounds was overturned. In a nutshell:
Google has acknowledged that the EU’s RTBF rights are undermined if an internet user can simply switch to a non-EU version of Google and see the offending search results. So it implemented geo-blocking measures, whereby an EU user is automatically routed to an EU version of Google (one that doesn’t deliver the offending references), regardless of whether they type in a non-EU Google domain name.
Not good enough, said the CNIL, slapping Google with a €100k fine: Google must de-reference the offending links from search results delivered through any Google domain in the world. Continue reading
Facial recognition: a GDPR fine and some further regulation?
Facial recognition is certainly a hot topic just now. I blogged yesterday about the judgment in Bridges, which saw the Divisional Court dismiss challenges – principally on privacy and data protection grounds – to the use of automated facial recognition technology in a policing context. It would be a mistake, however, for data controllers to assume that the legal and regulatory environment is generally relaxed and permissive about facial recognition. Here are two interesting recent developments to bear in mind alongside the Bridges judgment. Continue reading