[privacy, data protection, Facebook, transfers of personal data to USA]
[(
1) The Data Protection Act 1988 as amended prohibits transfers of personal data outside the state unless adequate privacy protections are in place. In 2000, the European Commission had decided that the USA ensured an adequate level of privacy protection for data. A
Safe Harbour framework had been put in place between Europe and the USA regarding transfers of personal data.
(2) In light of the Snowden revelations, Mr Schrems, an Austrian lawyer who runs the “Europe v Facebook” group, made a complaint to the Data Protection Commissioner arguing that the Commissioner should direct that transfers of personal data from Facebook Ireland to Facebook in the USA should cease. Facebook Ireland is responsible for millions of Facebook users outside the USA and Canada.
(3) The Commissioner decided that the request was unsustainable in law. Mr Schrems sought Judicial Review of the Commissioner’s decision.
(4) In the High Court, Hogan J. said that much had changed since 2000, including for example the entry into force of the EU Charter of Fundamental Rights. As a result, he referred questions of EU law to the Court of Justice of the EU (CJEU). He also noted that mass and indiscriminate surveillance of communications as shown by the Snowden revelations would, as a matter of Irish law, be unconstitutional, but that Irish law on this matter had effectively been pre-empted by EU law.]
[privacy, data protection, Facebook, transfers of personal data to USA, amicus curiae]
[The High Court ordered that Digital Rights Ireland (DRI) be added as amicus curiae in the proceedings, which will now proceed to the CJEU. DRI had stated that it would not adopt a position of partisanship. Hogan J. distinguished this case from the case of EMI v UPC [2013] IEHC 204, where DRI was not added as amicus curiae. The court also noted DRI’s successful case before the CJEU –
Case 293-12, Digital Rights Ireland v Minister for Communications ECLI:EU:C:2014:238. The court did not permit DRI as amicus to alter the nature of the questions which it had already proposed should be transmitted to the CJEU.]
[defamation, libel, hosting provider, Twitter]
[The High Court ordered that Twitter remove defamatory posts concerning the mayor of Waterford. The order was made under s.33 of the Defamation Act 2009.]
[copyright, access provider, ISP, torrent, ThePirateBay, blocking order]
[Record companies successfully applied for an order against various ISPs blocking access to the Pirate Bay website, based on the amended s.40 of the Copyright and Related Rights Act 2000. Later in 2013, the record companies successfully applied to the High Court for
Kickass Torrents to be blocked.]
[copyright, access provider, ISP, torrent, ThePirateBay, blocking order, amicus curiae]
[Record companies had instituted proceedings seeking an order against various ISPs blocking access to the Pirate Bay website. Digital Rights Ireland (DRI) applied to be added as an amicus curiae. The Court refused to add DRI to the case. Considering Irish cases on criteria for joining an amicus curiae, the court found that this case did not involve novel principles and DRI was not a neutral party.]
[defamation, hosting provider, preliminary injunction, interlocutory order]
[The plaintiff claimed he had been defamed on the website
www.rate-your-solicitor.com. He successfully sought interlocutory orders under s.33 of the Defamation Act 2009 against certain defendants prohibiting publication of the defamatory statements. The court noted that, since the arrival of the internet, judicial hesitation in granting interlocutory orders of this type should be eased. One of the defendants was the host of the website, Dotster, located in the USA. Dotster had not made an appearance in the case and the court made a final order in default of appearance.]
[defamation, privacy, right to good name, video removal, Norwich Pharmacal orders.]
[The plaintiff had wrongly been identified as the taxi fare evader shown in a video posted on various websites. The judgment primarily concerns the issue of whether the plaintiff could be named on newspaper websites reporting the court case and the court ordered that he could be named. The court noted that it had earlier granted interim orders that social media sites such as YouTube and Google should remove the video and provide the identities of web users who had defamed the plaintiff. The orders regarding identities of web users were granted applying the UK tort case of Norwich Pharmacal v Customs & Excise [1973] UKHL 6. According to media reports, there have been further developments in this case in 2013 and 2014.]
[copyright, access provider, mere conduit, ThePirateBay, E-Commerce Directive]
[Record companies sought orders (1) restraining UPC, an ISP, from making available to the public copies of sound recordings which breach copyright and (2) requiring UPC to block access to the Pirate Bay site. The court found that s.40(4) of the Copyright and Related Rights Act 2000 only covered “removal” of infringing material and therefore an injunction could not be granted. Charleton J. also reconsidered his previous decision in EMI v Eircom [2009] IEHC 411 (see below), in which he granted an order requiring an ISP to block access to the Pirate Bay, and stated that his previous decision in that case had been incorrect. Following this case, s.40 of the 2000 Act was amended by Statutory Instrument in 2012 (see above).]
[privacy, data protection, data retention, access providers, ISP, telephony providers, Directive 2006/24/EC, referral, ECJ, invalidity]
[copyright, data protection, graduated response]
[Record companies had reached a settlement with a large ISP (Eircom) instituting a graduated response system. Charleton J. held that the settlement did not breach data protection laws as IP addresses in the hands of the record companies which do not identify subscribers are not “personal data”. He said that copyright is flagrantly violated by music theft and the sanction of terminating access is not excessive. Eircom’s terms and conditions stated that copyright must not be infringed and subscribers have agreed to these terms.]
High Court: Irish Red Cross v UPC and Google (Unreported, 2010) [see news coverage
here and
here]
[confidentiality, breach, privacy, disclosure, alleged infringer, hosting provider, blog, liability of blog host]
[According to website reports, it appears that the High Court ordered that UPC and Google reveal the name of an anonymous blogger who allegedly breached confidentiality on the Blogger website. Originally Google Ireland was named as defendant but the court permitted Google Inc to be substituted.]
[copyright, access provider, ISP, torrent, ThePirateBay, website blocking order, graduated response]
[Record companies had reached a settlement with a large ISP (Eircom) instituting a graduated response system. The court ordered, on application by the record companies, that Eircom should block access to the Pirate Bay website. The court based its decision on s.40(4) of the Copyright and Related Rights Act 2000 and the Information Society Directive 2001.]
[defamation, libel, hosting provider, gambling, chatroom, forum, E-Commerce Directive, hosting defence]
[Betfair was a gambling site which also operated internet forums (chatrooms) where users could discuss sports events and other issues. The plaintiffs alleged defamation by forum users. As a preliminary issue, Betfair successfully relied on the hosting defence in the E-Commerce Directive as implemented by the 2003 Regulations. The court found that the gambling exception to the Directive and Regulations did not apply as the forums were not directly connected to the gambling part of the site.]
[bullying, intimidation, privacy, hosting provider, bulletin board, website operator, moderator, members, liability, disclosure, identities, alleged infringers, Norwich Pharmacal order]
[This was an action against the operators and moderator of an internet site and bulletin board set up to facilitate discussions by Ryanair pilots. Ryanair alleged that bullying and intimidation of pilots was taking place on the site and sought ‘Norwich Pharmacal’ orders to disclose the identities of certain users of the bulletin board. On reviewing the evidence, Smyth J. found that there was no evidence of bullying or intimidation or that Ryanair had suffered loss. He distinguished this case from EMI v Eircom, 2005 (see below) and the English case of Totalise v Motley Fool [2001] EWCA Civ 1897. He also stated that a balance needed to be struck between justice and privacy.]
[copyright, privacy, confidentiality, access provider, disclosure, identities, alleged infringers, Norwich Pharmacal order]
[Record companies requested Eircom, a large ISP, to provide identities of 17 customers who were allegedly infringing copyright. The High Court ordered that customers’ identities should be passed to the ISP, based on the UK tort case of Norwich Pharmacal v Customs & Excise [1973] UKHL 6. The court also relied on the Canadian case of
BMG Canada v Doe 2004 FC 488.]
