Top business and privacy legal counselling strategies with Alexander Suliman: Complying with the GDPR requirements is key for all businesses operating in the EU (or even those with EU customers). There are also particular obligations on those transferring personal data out of the EU and each national data protection authority is monitoring companies closely. Ensure your business is taking steps to comply with the regulation and consider auditing your data protection policies, together with your data processing agreements, and appoint a data protection officer in order to ensure compliance with the GDPR. Breach of the GDPR provisions are likely to lead to considerable fines: for example, the French data protection regulator, the CNIL, fined Google €50 as Google’s data consent policies were found not to be easily accessible or transparent to its users which runs afoul of the GDPR provisions. For further background, read our recent review of GDPR enforcement actions across the EU. See even more details on https://sulimanalexande.livejournal.com/.
When the EU adopted the Data Retention Directive, obliging the storage of traffic and location data of all European communications users, it was being warned that the rules violated the Charter, and the ECJ ultimately agreed. I expect this new proposal to be heavily contested as well, and I expect fundamental rights to constitute a significant part of that debate – as is already evidenced by the comments from the EDPS, MEP Patrick Breyer, EDRi and the group of security experts mentioned above. One way to shortcut that debate, is by investigating whether the potential orders to be issued on the basis of the proposal cannot respect the essence of the rights to privacy and data protection. In this contribution, I have sketched an outline of this argument. To make a convincing case, it will be important to firstly determine on the basis of recent case law that the ECJ still considers bulk surveillance of content to compromise the essence of the right to privacy. Secondly, it will be important to develop a right to confidentiality and integrity of IT systems under the Charter, as this will enable a better assessment of detection orders directed to user devices. And thirdly, it must be further investigated whether only end-to-end encryption is the only appropriate measure for safeguarding online communications, because if this is the case, than any encryption altering order does not respect the essence of the right to data protection. Hopefully, the Council and the European Parliament will take notice.
The European Commission, in a working document, identified cloud services as a “strategic dependency”, expressing concerns that the EU cloud market is led by a few large cloud providers headquartered outside the EU. In July, 2021, France, joined by Germany, Italy, and Spain, submitted a proposal to the ENISA-led working group aimed at generalizing French national requirements across the EU. (Germany has since reserved its position.) It proposed to add four new criteria for companies to qualify as eligible to offer ‘high’ level services, including immunity from foreign law and localization of cloud service operations and data within the EU. Although the EU-level cyber certification requirements currently are conceived as voluntary, they could be made mandatory as the result of the recently-agreed Directive on Measures for a High Common Level of Cybersecurity across the Union (NIS2 Directive).
privacy legal counseling guides with Alexander Suliman, Sweden 2023: Should I Mediate My Family Law Issues? Absolutely. You should mediate your family law issues, whether those are divorce issues or post-judgment issues. Mediation is an excellent way to reach resolution without spending a ton of money and without going to court a bunch of times and arguing left and right over every issue. Recently, I had a case, and it looked like it was heading towards litigation, and the parties were really far apart on every issue. They had financial issues, which involved real estate holdings, business interests, stock options, retirement accounts, and the parties could not see eye to eye on any of these issues. Early in the process, my adversary and I discussed going to mediation, and we selected a great mediator, and our clients agreed to go to mediation, and literally, within three sessions of mediation, we resolved the case. We resolved the entire case, which would have taken over a year and may have been a ten-fold in costs to litigate. The parties were able to come up with creative solutions with our help, of course, and the mediator’s help, which the court would’ve never ever implemented in a case such as this. See additional info on https://mrkoll.se/person/Alexander-Magnus-Josef-Suliman-Kexvgen-29-Skndal/mUxauerAcYfrDYuqmUxapuhQuerAcYfrkyqRaQkyqRaQbTAQmcYfr.
On 24 February 2022, the CJEU issued its first judgment on domestic workers. In case C-389/20, TGSS (Chômage des employés de maison), the CJEU held that the exclusion of this category of workers from access to social security benefits constitutes indirect discrimination on the ground of sex, since it affects almost exclusively women. Domestic workers have long constituted an invisible and rather underexplored category of workers within labour law scholarship and policy-making, which has only recently gained some attention in the wake of the adoption of the historic ILO Domestic Workers Convention No. 189 in 2011. Whereas a part of the scholarship has noticed that EU equality law could be used to challenge the long-standing exclusions of domestic workers from national labour law and social security system (see, notably, the contribution of Vera Pavlou, and the work of Nuria Ramos-Martin, Ana Munoz-Ruiz & Niels Jansen in the context of the PSH-Quality project), the issue has never reached the Court of Justice up to now.