Over the past few years, Google has been involved in a slate of high-stakes privacy litigation, in issues ranging from the removal of offensive video footage to the rollout of its Street View service to the emerging right to be forgotten. Last week, Google privacy aficionados received another landmark case to add to an increasingly rich library with the England and Wales Court of Appeal decision in Google v. Vidal-Hall. The case involved Google’s alleged circumvention of privacy settings in Apple’s Safari browser, allegations that Google settled with the Federal Trade Commission and state attorneys general in the U.S. for more than $22 million and $17 million respectively.
The UK court’s sweeping 50-page opinion is one of the most significant judicial decisions in the privacy space since the dawn of the Data Protection Directive 20 years ago. Ironically, it comes at a time when the directive is on the verge of sunset, being replaced by the General Data Protection Regulation.
Still, the Vidal-Hall decision is a prize for lawyers who for years have been clamoring for an authoritative interpretation of European data protection law. In Europe, data protection enforcement is sporadic, and very few cases reach the courts. Even the handful of cases that reach their zenith, such as the CJEU decisions in the Lindqvist and Costeja (right to be forgotten) cases, are short on analytical reasoning. Indeed, scholars have been frustratedporing over the CJEU Costeja case for clues about the justifications for the court’s decision, which was delivered in terse, parsimonious terms. The Vidal-Hall decision is different, vindicating the capacity of English common law to breathe life into existing legal concepts and legislation.
Read the full piece at the International Association of Privacy Professionals' website.