The Archives

The collection of all scholarly commentary on law, economics, and more

Showing archive for:  “GDPR”

From Europe, with Love: Lessons in Regulatory Humility Following the DMA Implementation

The European Union’s implementation of the Digital Markets Act (DMA), whose stated goal is to bring more “fairness” and “contestability” to digital markets, could offer some important regulatory lessons to those countries around the world that have been rushing to emulate the Old Continent.  The first regards “regulatory humility.” Designing ex ante regulation to promote ... From Europe, with Love: Lessons in Regulatory Humility Following the DMA Implementation

Will the EU-U.S. Data Privacy Bridge Hold?

With the European Commission’s recent announcement that it had deemed the revamped data-protection framework from the United States to be “adequate” under the European Union’s stringent General Data Protection Regulation (GDPR), the stage is set for what promises to be a legal rollercoaster in the European Court of Justice (CJEU). The Commission’s decision is certain ... Will the EU-U.S. Data Privacy Bridge Hold?

Norwegian Decision Banning Behavioral Advertising on Facebook and Instagram

The Norwegian Data Protection Authority (DPA) on July 14 imposed a temporary three-month ban on “behavioural advertising” on Facebook and Instagram to users based in Norway. The decision relied on the “urgency procedure” under the General Data Protection Regulation (GDPR), which exceptionally allows direct regulatory interventions by other national authorities than the authority of the country ... Norwegian Decision Banning Behavioral Advertising on Facebook and Instagram

The CJEU’s Decision in Meta’s Competition Case: Sensitive Data and Privacy Enforcement by Competition Authorities (Part 2)

Yesterday, I delved into the recent judgment in the Meta case (Case C-252/21) from the Court of Justice of the European Union (CJEU). I gave a preliminary analysis of the court’s view on some of the complexities surrounding the processing of personal data for personalized advertising under the GDPR, focusing on three lawful bases for ... The CJEU’s Decision in Meta’s Competition Case: Sensitive Data and Privacy Enforcement by Competition Authorities (Part 2)

The CJEU’s Decision in Meta’s Competition Case: Consequences for Personalized Advertising Under the GDPR (Part 1)

Today’s judgment from the Court of Justice of the European Union (CJEU) in Meta’s case (Case C-252/21) offers new insights into the complexities surrounding personalized advertising under the EU General Data Protection Regulation (GDPR). In the decision, in which the CJEU gave the green light to an attempt by the German competition authority (FCO) to ... The CJEU’s Decision in Meta’s Competition Case: Consequences for Personalized Advertising Under the GDPR (Part 1)

Biweekly FTC Roundup: Bureau of Let’s-Sue-Meta Edition

The Federal Trade Commission (FTC) might soon be charging rent to Meta Inc. The commission earlier this week issued (bear with me) an “Order to Show Cause why the Commission should not modify its Decision and Order, In the Matter of Facebook, Inc., Docket No. C-4365 (July 27, 2012), as modified by Order Modifying Prior Decision and Order, In ... Biweekly FTC Roundup: Bureau of Let’s-Sue-Meta Edition

The AI Act and Regulatory Overaggregation

It appears that the emergence of ChatGPT and other artificial-intelligence systems has complicated the European Union’s efforts to implement its AI Act, mostly by challenging its underlying assumptions. The proposed regulation seeks to govern a diverse and rapidly growing AI landscape. In reality, however, there is no single thing that can be called “AI.” Instead, the category comprises ... The AI Act and Regulatory Overaggregation

GDPR Decision Against Meta Highlights that Privacy Regulators Don’t Understand ‘Necessity’

The €390 million fine that the Irish Data Protection Commission (DPC) levied last week against Meta marks both the latest skirmish in the ongoing regulatory war on the use of data by private firms, as well as a major blow to the ad-driven business model that underlies most online services.  More specifically, the DPC was ... GDPR Decision Against Meta Highlights that Privacy Regulators Don’t Understand ‘Necessity’

European Commission Tentatively Finds US Commitments ‘Adequate’: What It Means for Transatlantic Data Flows

Under a draft “adequacy” decision unveiled today by the European Commission, data-privacy and security commitments made by the United States in an October executive order signed by President Joe Biden were found to comport with the EU’s General Data Protection Regulation (GDPR). If adopted, the decision would provide a legal basis for flows of personal ... European Commission Tentatively Finds US Commitments ‘Adequate’: What It Means for Transatlantic Data Flows

Biden’s Data Flows Order: Does It Comport with EU Law?

European Union officials insist that the executive order President Joe Biden signed Oct. 7 to implement a new U.S.-EU data-privacy framework must address European concerns about U.S. agencies’ surveillance practices. Awaited since March, when U.S. and EU officials reached an agreement in principle on a new framework, the order is intended to replace an earlier ... Biden’s Data Flows Order: Does It Comport with EU Law?

How Not to Use Industrial Policy to Promote Europe’s Digital Sovereignty

The concept of European “digital sovereignty” has been promoted in recent years both by high officials of the European Union and by EU national governments. Indeed, France made strengthening sovereignty one of the goals of its recent presidency in the EU Council. The approach taken thus far both by the EU and by national authorities ... How Not to Use Industrial Policy to Promote Europe’s Digital Sovereignty

The Road to Antitrust’s Least Glorious Hour

Things are heating up in the antitrust world. There is considerable pressure to pass the American Innovation and Choice Online Act (AICOA) before the congressional recess in August—a short legislative window before members of Congress shift their focus almost entirely to campaigning for the mid-term elections. While it would not be impossible to advance the ... The Road to Antitrust’s Least Glorious Hour