CJEU v. 22 June 2023 - C-579/21, EU: Scope of the right of access to information according to Article 15 GDPR, CRi 2025, S001

CJEU v. 5 December 2023 - C-683/21, EU: Imposition of Administrative Fines on Enterprises due to infringement of the GDPR, CRi 2025, S002

Court of Appeals for the 3rd Circuit v. 27 August 2024 - 22-3061, USA: Liability of TikTok for Recommendation on “For Your Page”, CRi 2025, S003

Court of Appeals for the 2nd Circuit v. 15 October 2024 - Docket No. 23-1147, USA: Privacy Protection Against Third Party Tracking Pixel, CRi 2025, S004

Beardwood, John, Ouch – that’s gotta hertz: Lessons Learned from Hertz v. Accenture , CRi 2025, S005

The article begins by providing an overview of the failure of the project, from the perspective of the customer (The Hertz Corporation) and then the vendor (Accenture LLP) as well as briefly reviews the key project documents (I.); examines the key issues and lessons learned from the lawsuit (II.); and then concludes with an assessment of how while Accenture may have won the battle, it likely lost the war (III.).

High Court of Justice (Kings Bench Division) v. 23 January 2025 - KB-2023-000775, UK: Problem Gambler’s Consent Insufficient for Cookies or Direct Marketing, CRi 2025, S006

District Court for the District of Delaware v. 11 February 2025 - No. 1:20-cv-613-SB, USA: Training Non-Generative AI with Copyrighted Material under Fair Use Exception, CRi 2025, S007

Haperen, Olaf van, GDPR Enforcement Beyond EU-Borders, CRi 2025, S009

After a brief introduction (I.), the article summarises the reasoning of the Dutch Data Protection Authority (II.) and examines the challenges of enforcing GDPR against companies outside the EU (III.) as well as the potential future impact of the upcoming European Union Artificial Intelligence (AI) Act on such cases (IV.). A particular emphasis is placed on how the AI Act’s provisions may influence future regulatory decisions and enforcement actions involving AI technologies such as facial recognition, biometric data processing, and surveillance.

Beardwood, John, Gadzooks – The Standard ERP Software Licence Strikes Again! Lessons Learned From Samuels & Son Seafood Co., Inc. v. Infor (US) , CRi 2025, S011

Every once in a while a technology lawsuit comes along which is not in the hundreds of millions of dollars, and does not involve major customers, but nevertheless encapsulates the unfortunate experiences that many medium-sized enterprises have with software implementations. The case of Samuels & Son Seafood Co., Inc., v. Infor (US), Inc., is exactly that lawsuit. It again evidences the importance of customers engaging in a robust procurement for the selection of both the ERP software licensor and the implementer; the perils of customers agreeing to inappropriately standard and time-banded limited warranties in ERP implementations; where an ERP failure has occurred, the challenge of suing only the licensor and not the implementer; and finally, the strong headwinds customers will face in endeavoring to compensate for contracts which fail to reflect pre-contractual promises of software functionality, by vainly trying to rely on implied warranties of fitness and merchantability.
The article first provides an overview of the failure of the project (I.) and reviews the lawsuit from the perspective of the customer (Samuels & Son Seafood Co., Inc.) and then the vendor (Infor (US), Inc.); (II.). Then the examination of the key issues leads to five lessons learned from the lawsuit (III.) and two general observations (IV.).

Notice, CRi 2025, S012

Court of Appeals for the District of Columbia Circuit v. 18 March 2025 - No. 23-5233, USA: The Human Concept of “Author”, CRi 2025, S013

Gehrmann, Mareike Christine / Brings, Paul / Tenta, Jason, US E-Discovery and EU Compliance: A Clash of Laws, CRi 2025, S015

German companies facing e-discovery requests run the risk of being unable to comply with both German and US requirements. In addition to data protection requirements, such as the need to be able to demonstrate a legal basis for processing and transferring data, there are also challenges in terms of German employment law and telecommunications law.