24 February 2023
A Unique Identification Number for Every European Citizen
On 3 June 2021, the European Commission issued a proposal for a European Digital Identity Regulation, which seems to not have raised much discussion among legal scholars, even though digital identity raises several fundamental rights implications. The introduction of a unique and persistent identifier may be understandable from a practical point of view, but cannot be accepted due to its risks and the fact that it potentially infringes the German prohibition on general unique identifiers. Continue reading >>
0 
06 December 2022
Throwing the Delegation Doctrine to the Winds
In November 2022, the Indian Ministry of Electronics & Information Technology published the draft Digital Personal Data Protection Bill, 2022 (‘the 2022 Bill’). In this article, I analyse the 2022 Bill from a constitutional law perspective. I argue that the 2022 Bill’s provisions as to subordinate legislation fly in the face of the Indian Supreme Court’s delegation doctrine inasmuch as these provisions set no coherently determinable legislative policy, thereby allowing the Executive to exercise plenary legislative power through delegated legislation. This, I further argue, is a breach of the principle of separation of powers as it exists in Indian constitutional jurisprudence. Continue reading >>
0
21 October 2022
Towards a data-subject-friendly interpretation of Article 82 GDPR
Under the GDPR, Article 82 is the only instrument to claim compensation resulting from data protection infringements. So far, it has not been interpreted by the CJEU. To date, nine preliminary references on the interpretation of Article 82 have been made by national courts. On 6 October 2022, Advocate General Sánchez-Bordona delivered his Opinion in one of them. Since it will be the first CJEU judgment on this subject, it will have a profound impact on the further development of EU data protection law, in particular, its private enforcement. Continue reading >>18 October 2022
Digital Autonomy in Contractual Relationships
It is rare for two Advocates General of the European Court of Justice to differ on the interpretation of a fundamental legal act of the European Union. This is what recently occurred with regard to the General Data Protection Regulation. Continue reading >>09 September 2022
Frontex and Data Protection
Frontex has become notorious for its multiple fundamental rights violations, including pushbacks. The problem of fundamental rights infringements associated with the Agency has been lasting for years, leading ultimately to the resignation of the Executive Director. What I argue in this post is, first, that the fundamental right to the protection of personal data by Frontex has not yet received sufficient attention by scholars and EU institutions. Second, data protection within the Agency needs to be strengthened to prevent any future new scandals. Continue reading >>
0
21 May 2022
Enabling Digital Authoritarianism in the Name of Counterterrorism
Nigeria's transition to a digital economy is in full swing. As terrorism and violent extremism are ravaging certain parts of the country, the mounting insecurity has necessitated huge budgetary allocations to national security, giving way to a new kind of digital authoritarianism. Serious concerns have been raised regarding the misuse of collected data and arbitrary surveillance, which undermine human rights and civic freedoms. Continue reading >>
0
18 May 2022
GDPR Collective Litigation Against Facebook
The recent CJEU Case C-319/20, Meta Platforms Ireland provides insights on the interpretation of Article 80(2) of the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), which regulates representative actions in the data protection field. The Court of Justice specified that actions protecting general interests fall under the scope of Article 80(2) GDPR, but leaves the task unmoved to reconcile this provision with the Directive on Representative Actions (DRA). Continue reading >>
0
17 May 2022
Boda boda registration in Kenya
In Kenya, typical moments during which citizens' rights are limited have followed emergencies, such as terrorist attacks or the COVID-19 pandemic. It is much easier to implement personally invasive policies such as biometric identification under urgency and addressing only a section of the public. A recent incident involving motorcycle taxis in Kenya, popularly known as boda bodas, illustrates this. Continue reading >>
0
12 April 2022
Electronic Surveillance in a Time of Democratic Crisis
The Polish experience demonstrates how a determined populist government, using the tools available in a democracy, can in a relatively short space of time erode legal safeguards established to control state surveillance activity. The understandable secrecy surrounding the work of the security services must not create an opportunity for the abuse of powers. Surveillance without adequate control weakens democracy, leads to a distortion of its principles, and ultimately, as the ECtHR has warned, threatens its very existence. Continue reading >>
0
11 April 2022
Function creep, altered affordances, and safeguard rollbacks
Alongside the expansion of surveillance regimes, there is a parallel development of equal importance, through what could be described as safeguard rollbacks. These are different from surveillance creep, in that the aim and purpose of surveillance mandates remains largely the same, but the associated safeguards are gradually weakened. These rollbacks have generally taken place where mandates were initially put in place with strict limits to ensure proportionality and legal certainty, but where the effectiveness of those mandates are later argued to be limited due to the safeguards themselves. Continue reading >>
0