Articles

• Brown, Peter, The Right to be Forgotten: U.S. Rulings on Free Speech Won’t Let Google Forget, CRI 2014, 161-166
  In May of this year, the Court of Justice of the European Union (“CJEU") handed down a landmark ruling (Cri 2014, pp. 77 with US remarks by Spelman/Towle and Irish remarks by Tobin) stating that EU citizens – under certain circumstances – have a “right to be forgotten" in search engine results under the 1995 Data Protection Directive 95/46/EC (“the Directive"). This right to expunge the necessary links to information about past events in an individual’s life that are outdated, negative or private, is the latest EU development to challenge free speech rights recognized by the Constitution of the United States.Under U.S. law, the societal right of free speech – as protected by the U.S. Constitution – generally holds a higher ground than an individual’s privacy. This article will explain why the “right to be forgotten" is contrary to fundamental U.S. law and values. The following includes a review of the implications of this landmark European case (I.), and the development of the U.S.’s stance on free speech and how this is applied to search engines and the media (II.). Finally, it will consider whether the “right to be forgotten" can be implemented as a practical matter, or whether this ruling is – at heart – a manifestation of anti-American feelings in the EU (III.).

• Thole, Elisabeth / de Vries, Eva / Laan, Vonne, “Tap and Pay": Who’s Looking After Your Privacy?, Privacy aspects of contactless payments viewed in connection with Dutch law, CRI 2014, 166-172
  Using your smartphone or cash card to “tap and pay" contactless for goods and services is a great convenience. Contactless payment is available in more than 50 countries of the world and necessitates handling consumers’ personal data. The article first explains what contactless payment is (I.) and outlines the battle between Near Field Communication (NFC) and Quick Response (QR) for the technological standard (II.). Then the legal framework for the protection of personal data is analysed for each player participating in the data processing chain (III.) and rounded up with a list of key privacy obligations (IV.).

• Plath, Kai-Uwe, CJEU on Right of Access – No ‘Spill-Over Effect’ on Non-Personal Data, CRI 2014, 173-174
  In the joined cases C-141/12 and C-372/12, the Court of Justice of the European Union (CJEU) has issued a decision which has received little attention, but which shall be of far-reaching practical significance. At the heart of this decision is the interpretation of ‘personal data’, the term and concept central to European data protection law. The CJEU has ruled that not all information concerning natural persons automatically enjoys protection under applicable European data protection law, in particular when it comes to a right of access, and that a subtle distinction is to be made which shall, in the future, certainly lead to debate in practice.

• CRI 2014, 175-177
• CRI 2014, 177-183
• CRI 2014, 183-184
• CRI 2014, 185-186

Updates

• Piik, Ave / Kala, Kaspar, Estonia: Unique E-Residency Regime – Towards the End of the Nation States As We Know Them?, CRI 2014, 186-187
• Gürkaynak, Gönenç / Yılmaz, ˙Ilay, Turkey: New E-Money Legislation Up and Running, CRI 2014, 188-189
• Liguori, Laura, Italy: Resolution of the Italian Data Protection Authority on the Use of Cookies, CRI 2014, 189-190
• Cullaffroz-Jover, Sandrine, France: Enhanced Investigative Powers of Data Protection Authority, CRI 2014, 190-191

About the Authors

• About the Authors, CRI 2014, 192