• Personalised Communication

    Understanding The Use And Effects Of Personalised Media And Their Implications For Law And Policy

    Lees meer
  • 19th International Copyright Law Summer Course

    2-6 July 2018

    Lees meer
  • 6th Privacy Law and Policy Summer Course

    2-6 July 2018


    Lees meer



About finding practical solutions (without the GDPR)

van Eijk, N.



Unfair Commercial Practices: A Complementary Approach to Privacy Protection

Hoofnagle, C.J.

Kannekens, E.

van Eijk, N.

Millions of European internet users access online platforms where their personal data is being collected, processed, analysed or sold. The existence of some of the largest online platforms is entirely based on data driven business models. In the European Union, the protection of personal data is considered a fundamental right. Under Article 8(3) of the EU Charter of Fundamental Rights, compliance with data protection rules should be subject to control by an independent authority. In the EU, enforcement of privacy rules almost solely takes place by the national data protection authorities. They typically apply sector-specific rules, based on the EU Data Protection Directive. In the United States, the Federal Trade Commission is the primary enforcer of consumers’ (online) privacy interests. The agency’s competence is not based on the protection of fundamental rights, but on the basis that maintenance of a competitive, fair marketplace will provide the right choices for consumers to take. In this Article the US legal framework will be discussed and compared to the EU legal framework, which forms our finding that in the EU rules on unfair commercial practices could be enforced in a similar manner to protect people’s privacy. In the EU, the many frictions concerning the market/consumer-oriented use of personal data form a good reason to actually deal with these frictions in a market/consumer legal framework.


Tracking walls, take-it-or-leave-it choices, the GDPR, and the ePrivacy regulation

Boerman, S.C.

Helberger, N.

Kruikemeier, S.

Zuiderveen Borgesius, F.

On the internet, we encounter take-it-or-leave-it choices regarding our privacy on a daily basis. In Europe, online tracking for targeted advertising generally requires the internet users’ consent to be lawful. Some websites use a tracking wall, a barrier that visitors can only pass if they consent to tracking by third parties. When confronted with such a tracking wall, many people click ‘I agree’ to tracking. A survey that we conducted shows that most people find tracking walls unfair and unacceptable. We analyse under which conditions the ePrivacy Directive and the General Data Protection Regulation allow tracking walls. We provide a list of circumstances to assess when a tracking wall makes consent invalid. We also explore how the EU lawmaker could regulate tracking walls, for instance in the ePrivacy Regulation. It should be seriously considered to ban tracking walls, at least in certain circumstances.


The proposed publishers' right in press publications: an evidential mistake

van Gompel, S.

Proceedings of the conference 'Better regulation for copyright: academics meet policy makers', Brussels: University of Southampton & The Greems/EFA in the European Parliament, 6 September 2017, p. 11-16.


Report of the Netherlands for ALAI 2017 Study Days (Copenhagen)

van Schaik, R.

van Gompel, S.

ALAI Congress 2017 in Copenhagen, Copyright, to be or not to be


Over wetgeving, implementatie en beleid - Kroniek van het auteursrecht in Nederland 2010-2016

van Gompel, S.

Het is alweer zes jaar geleden dat de laatste kroniek over het Nederlands auteursrecht in Auteurs & Media is gepubliceerd(1). Hoog tijd dus om de draad op te pakken en de stok van mijn illustere voorganger over te nemen. Deze kroniek bespreekt de belangrijkste ontwikkelingen op het gebied van auteursrechtwetgeving en -beleid in Nederland in de afgelopen zes jaren, waaronder de introductie van het auteurscontractenrecht, de afschaffing van geschriftenbescherming, de versterking van het toezicht op collectieve beheersorganisaties en de implementatie van de Richtlijnen 2012/28/EU (verweesde werken) en 2011/77/EU (verlenging beschermingsduur naburige rechten). Door deze nieuwe wetgeving is de Nederlandse Auteurswet (Aw) en Wet op de naburige rechten (Wnr) op diverse plaatsen aangepast.


Literature review on the use of licensing in library context, and the limitations this creates to access to knowledge

Yakovleva, S.

The dual purpose of this literature review is, first, to identify and summarise limitations that result from the use of copyright licences in a library context, and, second, to illustrate these limitations with specific examples available in both the academic and grey literature. The licences discussed in the reviewed literature deal essentially with access to, and use of, digital content.


The perfect match? A closer look at the relationship between EU consumer law and data protection law

Helberger, N.

Reyna, A.

Zuiderveen Borgesius, F.

Draft version. Final version published in Common Market Law Review, 2017, nr. 5, p. 1427-1466.

In modern markets, many companies offer so-called “free” services and monetize consumer data they collect through those services. This paper argues that consumer law and data protection law can usefully complement each other. Data protection law can also inform the interpretation of consumer law. Using consumer rights, consumers should be able to challenge excessive collection of their personal data. Consumer organizations have used consumer law to tackle data protection infringements. The interplay of data protection law and consumer protection law provides exciting opportunities for a more integrated vision on “data consumer law”.


A Roadmap to Enhancing User Control via Privacy Dashboards

Irion, K.

Thompson, M.

van Hoboken, J.

Yakovleva, S.

Amsterdam / Hong Kong: IViR, 2017.

This report presents and draws on multidisciplinary insights into what characterises effective user control over the collection and use of personal data. User controls arise from the interplay of a number of conditions. These are partly technical but also connected to different aspects of user behaviour, the intricacies of design, as well as the internal and external incentives in privacy governance that exist today. Our review of the state of research underscores that devising effective user controls require close collaboration between different disciplines, clear regulatory guidance and scientifically-backed assessments.


Estimating displacement rates of copyrighted content in the EU

de Bas, P.

Haffner, R.

Poort, J.

Rohlfs, S.

Van der Ende, M.

van Til, H.

Yagafarova, A.

The extent to which digital consumption of pirated materials displaces legitimate purchases is of fundamental importance for EU copyright policy design. The European Commission has commissioned Ecorys to carry out a study on the relation between online copyright infringement (digital piracy) and sales of copyrighted content. This study adds to the existing literature in at least three ways. Firstly, it compares piracy rates in multiple EU Member States calculated according to the same methodology. This makes it possible to compare results between countries. Secondly, displacement rates are estimated in the presence of an important recent phenomenon, i.e. the widespread availability of a wide variety of services for downloading or streaming content. Thirdly, the study includes minors to assess the extent of piracy among this group.


The freely given consent and the "bundling" provision under the GDPR

Kostić, B.

Vargas Penagos, E.

Under European data protection law, consent of the data subject is one of the six grounds for lawful processing of personal data. It is such an important ground that lawmakers considered it necessary to provide a legal definition of consent. One of the conditions under this definition is that it needs to be “freely given.” The General Data Protection Regulation (GDPR) 3 has further expanded on this concept in Article 7(4). It refers to a situation under which consent might not be considered “freely given.” If consent is invalid because it is not freely given, the processing is usually unlawful. Consequently, a legal basis for processing is missing. Therefore, this is an important provision. Yet the wording of this new provision is vague and its scope is unclear. Thus, the question arises as to how Article 7(4) should be applied. In this paper, the authors tease out the assessment criteria for the application of this provision on the basis of its text, structure and history. These criteria will then be applied to hypothetical cases in the final section.


Standards for Independent Oversight: The European Perspective

van Eijk, N.

In: Bulk Collection: Systematic Government Access to Private-Sector Data, ed. F.H. Cate & J.X. Dempsey, Oxford University Press, 2017, ISBN: 9780190685515.

There are many ways to approach the question of government access to private-sector data. Much of the recent public debate has focused on access in the context of national security and traditional law enforcement, with respect to both targeted and untargeted access to data collected and processed by third parties. As more and more data is collected and stored by the private sector (“big data”), the amount of data that can be retrieved by governments is steadily increasing. A new “third domain” has emerged, where data is used for social security and tax surveillance and other types of non- traditional law enforcement. The Digital Rights Ireland case is the point of departure of this chapter. Next, two recent judgments by national courts are described, in which national data retention rules were tested against the ruling in the Digital Rights Ireland case and the necessity of independent oversight was discussed in further detail. This chapter draws from a recent study by the Institute for Information Law (IViR) to formulate standards for independent oversight. These standards are based on a broader analysis of the relevant jurisprudence of the European Court of Justice— including the Digital Rights Ireland case— and of the European Court of Human Rights (ECtHR). The analysis is also based on selected studies, reports, resolutions, and recommendations.


Media coverage of elections: the legal framework in Europe

Apa, E.

Bassini, M.

Bruna, A.

Cabrera Blázquez, F.

Cunningham, I.

Etteldorf, C.

Fahy, R.

Goldberg, D.

Granchet, A.

Klimkiewicz, B.

Richter, A.

Rozendaal, M.

IRIS Special, 2017-1, European Audiovisual Observatory, Strasbourg, ISBN: 9789287184870


Kroniek Telecommunicatierecht

van Eijk, N.


Data property: Unwelcome Guest in the House of IP

Hugenholtz, P.

Publication forthcoming in Kritika. Essays on Intellectual Property, Vol. III

This paper argues against the idea of a ‘data producer’s right’. Introducing a property right in machine-generated data would seriously compromise the system of intellectual property law that currently exists in Europe. It would also contravene fundamental freedoms enshrined in the European Convention on Human Rights and the EU Charter, distort freedom of competition and freedom of services in the EU, restrict scientific freedoms and generally undercut the promise of big data for European economy and society.


The Chilling Effect of Liability for Online Reader Comments

Fahy, R.

This article assesses how the European Court of Human Rights has responded to the argument that holding online news media liable for reader comments has a chilling effect on freedom of expression. The article demonstrates how the Court first responded by dismissing the argument, and focused on the apparent lack of evidence for any such chilling effect. The article then argues that the Court has moved away from its initial rejection, and now accepts that a potential chilling effect, even without evidence, is integral to deciding whether online news media should be liable for reader comments. Finally, the article argues that this latter view is consistent with the Court’s precedent in other areas of freedom of expression law where a similar chilling effect may also arise.


Online Price Discrimination and EU Data Privacy Law

Poort, J.

Zuiderveen Borgesius, F.

Online shops could offer each website customer a different price. Such personalized pricing can lead to advanced forms of price discrimination based on individual characteristics of consumers, which may be provided, obtained, or assumed. An online shop can recognize customers, for instance through cookies, and categorize them as price-sensitive or price-insensitive. Subsequently, it can charge (presumed) price-insensitive people higher prices. This paper explores personalized pricing from a legal and an economic perspective. From an economic perspective, there are valid arguments in favour of price discrimination, but its effect on total consumer welfare is ambiguous. Irrespectively, many people regard personalized pricing as unfair or manipulative. The paper analyses how this dislike of personalized pricing may be linked to economic analysis and to other norms or values. Next, the paper examines whether European data protection law applies to personalized pricing. Data protection law applies if personal data are processed, and this paper argues that that is generally the case when prices are personalized. Data protection law requires companies to be transparent about the purpose of personal data processing, which implies that they must inform customers if they personalize prices. Subsequently, consumers have to give consent. If enforced, data protection law could thereby play a significant role in mitigating any adverse effects of personalized pricing. It could help to unearth how prevalent personalized pricing is and how people respond to transparency about it.


Meer Publicaties