The ECJ's videoconference system complies with data protection rules (EDPS)

With its Schrems II-judgment of 16 July 2020, the Court of Justice declared invalid the EU-US Privacy Shield, governing the transfer of personal data from the European Union to the United States. 

In the absence of this EU-US Privacy Shield, in February 2021 the Court of Justice of the European Union (CJEU), as an EU institution, referred its contract with its US-based videoconferencing operator to the European Data Protection Supervisor (EDPS). 

It asked the EDPS whether these rules complied with the EU’s data protection rules contained in the EU Data Protection Regulation. The EDPS issued two temporary authorisations, in 2021 and 2022, allowing the CJEU to use these contractual clauses. It adopted its final decision on 13 July 2023. 

The EDPS has decided that the CJEU’s videoconferencing services meet the data protection standards under EU Data Protection Regulation. The CJEU is the first EU institution to obtain such approval from the EDPS. The main characteristics of the videoconferencing services used by the CJEU are: 

  • no data is transmitted to the cloud for confidential meetings; 
  • very limited data transmitted to the cloud for other meetings with full and strong encryption (end-to-end encryption, one to many points) by default; 
  • combined with strong technical and organisational measures; and moreover 
  • the use of cloud servers located exclusively within the EU. 

The final decision of the EDPS adopted on 13 July 2023 may be consulted on the EDPS’ website. (source curia.europa.eu/photo freepik.com)

Comments

Post a Comment

Popular posts from this blog

Ombudsman inquiry on Commission President’s text messages is a wake-up call for EU

Image
The European Ombudsman inquiry into the Commission’s handling of a request for text messages between its President and the CEO of a pharmaceutical company is a wake-up call for all EU institutions about ensuring accountability in an era of instant messaging. One year after the initial request by a journalist, the Commission has still not clarified whether messages reported to concern major vaccine procurement deals exist and whether the public is entitled to see them. The Ombudsman had asked the Commission, in a finding of maladministration in January, to conduct a more thorough search for the text messages. The Commission’s recent response failed to say whether it had looked directly and correctly for the text messages and if not, why not. While the response recognised that work-related text messages can be EU documents, it reiterated that the Commission’s internal policy is, in effect, not to register text messages. The Ombudsman has closed  the inquiry  and upheld...
Read more

ECHR Rules on Employee Data Privacy: The Guyvan v. Ukraine Judgment

Image
This case before the European Court of Human Rights (ECHR) primarily concerned a complaint under Article 8 (Right to respect for private and family life) of the European Convention on Human Rights, specifically regarding the processing of data from an applicant's work mobile telephone by his employer. Facts The applicant, was an employee whose work mobile phone was also used for private calls. In the context of an internal investigation related to the use of the phone, his employer, P. company, obtained detailed information from the mobile phone operator. This information included the date, time, and type of communication (incoming/outgoing), and details about international roaming services. The employer requested this data to verify the applicant's presence at his workplace. The applicant subsequently lodged a civil claim against the company, arguing that the collection and processing of his personal data were unlawful and requesting that the company be ordered to provid...
Read more

The Delivery Delay Clause in Residential Construction Contracts: Consumer Protection in Cyprus and Europe

Image
By Giorgos Kazoleas, LL.M., Lawyer, Managing Partner at Legal Experts Cyprus The purchase or construction of a new residence is one of the most significant financial and personal decisions a consumer can make. Residential construction contracts or agreements for the sale of property under construction are a crucial and defining element of the entire process, as certain terms they may contain can be detrimental to the buyer. One of the most critical aspects is the contractual delivery time of the project and the provision for delay, through the so-called delivery delay clause. The Delivery Delay Clause: Its Role and Legal Nature The delivery delay clause (also known as a penalty clause in the event of default) is a term usually included in the contract that specifies a predetermined compensation amount that the contractor or seller must pay to the buyer for every day, week, or month of delay beyond the agreed delivery date. The purpose of the clause is twofold: -Compensatory: ...
Read more

Legislation lowering retirement age to 60 for female judges in violation of European Convention of Human Rights (ECtHR)

Image
In Chamber's judgment in the case of Pająk and Others v. Poland (applications nos. 25226/18, 25805/18, 8378/19 and 43949/19), the European Court of Human Rights held, by a majority (5 votes to 2), that there had been a violation of Article 6 § 1 (right of access to a court) of the European Convention on Human Rights in respect of all applicants, and a violation of Article 14 (prohibition of discrimination) taken in conjunction with Article 8 (right to respect for private life) in respect of the three applicants who had lodged complaints under those provisions.  The case concerned four judges who complained about legislative amendments that had lowered the retirement age for judges from 67 to 60 for women, and to 65 for men, and had made the continuation of a judge’s duties after reaching retirement age conditional upon authorisation by the Minister of Justice and by the National Council of the Judiciary (“the NCJ”).  The Court took the view that judges should enjoy protection ...
Read more

Τhe struggle for the abolition of the death penalty continues: Joint statement on the European and World Day against the Death Penalty

Image
High Representative on behalf of the European Union and the Secretary-General on behalf of the Council of Europe made a joint statement on the European and World Day against the Death Penalty (10 October 2021): "The European Union and the Council of Europe reaffirm their firm opposition to capital punishment at all times and in all circumstances. The death penalty is a cruel, inhuman and degrading punishment contrary to the right to life. Its abolition is essential to ensure respect for human dignity.  This year’s World Day is dedicated to women. Although women represent a small percentage of global death sentences, gender-based discrimination continues to impact women at all levels of the criminal justice system. In some countries, women are sentenced to death at higher rates than men for offences linked to sexual morality, such as adultery. Moreover, mitigating circumstances related to gender-based violence and abuse are rarely taken into consideration during the criminal proces...
Read more

Moving between Member States without an identity card or passport - A fine amounting to 20% of the amount of the offender’s average net monthly income, is not proportionate to the seriousness of the offence

Image
In its Judgment in Case C-35/20 (6.10.2021) , the European Court of Justice ruled that a Member State may require its nationals to carry a valid identity card or passport when travelling to another Member State, irrespective of the means of transport used and the itinerary, subject to sanctions. While EU law does not preclude the imposition of a criminal penalty, it does preclude disproportionate penalties, such as a fine amounting to 20% of the offender's average net monthly income. A, a Finnish national, made a round trip between Finland and Estonia in August 2015 on a pleasure boat. During that trip, he crossed the international waters between Finland and Estonia. He was the holder of a valid Finnish passport, but did not have it with him during that trip. As a result, during a border check in Helsinki on his return, A was unable to produce his passport or any other travel document, although his identity could be established on the basis of his driving licence. The syyttäjä ...
Read more

Fully-funded PhD position in AI, Law and Public Power

Image
Erasmus University Rotterdam School of Law, department Law & Markets, is looking for a fulltime PhD researcher in AI, Law and Public Power (4,5 years with 20% teaching tasks). PhD AI, Law and Public Power Are you curious about how artificial intelligence is changing state actor powers? Do you want to conduct critical and in-depth legal research at the intersection of technology, law and power? And would you like to combine that with academic teaching? Then this PhD position at Erasmus School of Law is for you. Within the Law & Markets team, you will spend 4.5 years researching the legal regulation of AI in the public sector. How do we protect fundamental rights when algorithms help decide on who receives public benefits, how to perform enforcement or how to enact environmental policy? What is the role of the state, and where is the limit of government power in a data-driven society? You will have plenty of space to choose your own research angle and work in a multidisci...
Read more