Conflict of Laws header image


Pietro Franzina

This post has been written by Martina Mantovani.

On 4 May 2016, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, or GDPR) was published on the Official Journal. It shall apply as of 25 May 2018.

Adopted on the basis of Article 16(2) TFEU, the Regulation is the core element of the Commission’s Data protection reform package, which also includes a Directive for the protection of personal data with regard to the processing by criminal law enforcement authorities.

The new measure aims at modernising the legislative framework for data protection, so as to allow both businesses and citizens to seize the opportunities of the Digital Single Market.

First and foremost, businesses will benefit from a simplified legal landscape, as the detailed and uniform provisions laid down by the GDPR, which are directly applicable throughout the EU, will overcome most of the difficulties experienced with the divergent national implementations of Directive 95/46/EC, and with the rather complex conflict-of-law provision which appeared in Article 4 of the Directive.

Nevertheless, some coordination will still be required between the laws of the various Member States, since the new regime does not entirely rule out the relevance of national provisions. As stated in Recitals 8 and 10, the GDPR ‘provides a margin of manoeuvre for Member States’ to restrict or specify its rules. For example, Member States are allowed to specify or introduce further conditions for the processing depending, inter alia, on the nature of the data concerned (Recital 53 refers, in particular, to genetic, biometric, or health-related data).

Secondly, the new Regulation marks a significant extension of the extraterritorial application of EU data protection law, with the express intent of leveling the playing field between European businesses and non-EU established companies operatig in the Single Market. In delimiting the territorial scope of application of the new rules, Article 3 of the GDPR borrows on the case-law of the Court of Justice regarding Article 4 of Directive 96/45/EC. Pursuant to Article 3(1), the Regulation applies to any processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing itself takes place within the Union or not (along the lines of the Google Spain case).

Moreover, Article 3(2) refers to the targeting, by non-EU established controllers and processors, of individuals ‘who are in the Union’, for the purposes of offering goods or services to such subjects or monitoring their behaviours. This connecting factor, further specified by Recital 23 in keeping with the findings of the Court of Justice in Weltimmois somehow more specific than the former ‘equipment/means’ criteria set out by the Directive (cfr. Opinion 8/2010 of the Working Party on the Protection of Individuals with regard to the processing of personal data, on applicable law).

One of the key innovations brought along by the GDPR is the so-called one-stop-shop mechanism. The idea, in essence, is that where a data controller or processor processes information relating to individuals in more than one Member State, a supervisory authority in one EU Member State should be in charge of controlling the controller’s or processor’s activities, with the assistance and oversight of the corresponding authorities of the other Member States concerned (Article 52). It remains to be seen whether the watered down version which in the end found its way into the final text of the Regulation will effectively deliver the cutting of red tape promised to businesses.

The other goal of the GDPR is to provide individuals with a stronger control on their personal data, so as to restore consumers’ trust in the digital economy.  To this end, the new legislative framework updates some of the basic principles set out by Directive 95/46/EC — which are believed to ‘remain sound’ (Recital 9) — and devises some new ones, in order to further buttress the position of data subjects with respect to their own data.

On 17 March 2016, the Council on General Affairs and Policy of the Hague Conference on Private International Law decided to set up a Special Commission to prepare a draft Convention on the recognition and enforcement of foreign judgments (the Hague Judgments Convention), while endorsing the recommendation of the Working Group on the Judgments Project that matters relating to direct jurisdiction should be put for consideration to the Experts’ Group of the Judgments Project soon after the Special Commission has drawn up a draft Convention.

On 15 April 2016, the Faculty of Law of the University of Santiago de Compostela will host a conference on Security rights and the European Insolvency Regulation: From Conflicts of Laws towards Harmonization.

Speakers include Paul Beaumont (Univ. of Aberdeen), Francisco Garcimartín Alferez (Autonomous Univ. of Madrid), Anna Gardella (European Banking Authority), Wolf-Georg Ringe (Copenhagen Business School), Françoise Pérochon (Univ. of Montpellier) and Paul Omar (Nottingham Trent University).

The Department of Law of the University of Ferrara hosts a series of seminars, organised by Alberto De Franceschi, under the title New Features of European Contract Law – Towards a Digital Single Market.

The seminars, in English, will run from 9 March to 25 May 2015 2016.

This post has been written by Ilaria Aquironi.

On 2 March 2016 the European Commission adopted  a proposal for a Council decision authorising enhanced cooperation in the area of jurisdiction, applicable law and the recognition and enforcement of decisions on the property regimes of international couples, covering both matters of matrimonial property regimes and the property consequences of registered partnerships (COM(2016) 108 final).

This post has been written by Ilaria Aquironi.

After nearly three years of negotiations, the time apparently has come for the adoption of a regulation aimed at simplifying the requirements for presenting certain public documents in the European Union (the initial proposal may be found here).

In 2015, the Council on General Affairs and Policy of the Hague Conference decided that an Experts’ Group should be convened to explore the feasibility of advancing work on the private international law issues surrounding the status of children, including issues arising from international surrogacy arrangements (for further information on the Parentage / Surrogacy project, see here).

This post has been written by Ilaria Aquironi.

On 15 April 2016 the Law Faculty of the University of Santiago del Compostela will host an international conference on Security Rights and the European Insolvency Regulation: from Conflicts of Laws towards Harmonization. The event is part of the Security Rights and the European Insolvency Regulation Project.

By Verity Winship (University of Illinois College of Law).

In DIRECTV, Inc. v. Imburgia – decided on December 14, 2015 – the US Supreme Court enforced a no-class-action arbitration clause, shutting down a consumer class action.

In Florin Lazar, a judgment rendered on 10 December 2015 (C-350/14), the ECJ clarified the interpretation of Article 4(1) of Regulation (EC) No 864/2007 on the law applicable to non-contractual obligations (Rome II).