Advocate General’s Opinion in Case C-131/12 Google Spain SL, Google Inc. v Agencia Española de Protección de Datos, Mario Costeja González considers that search engine service providers are not responsible, on the basis of the Data Protection Directive, for personal data appearing on web pages they process.
In early 1998, a newspaper widely circulated in Spain published in its printed edition two announcements concerning a real-estate auction connected with attachment proceedings prompted by social security debts. A person was mentioned as the owner. At a later date an electronic version of the newspaper was made available online by its publisher.
In November 2009 this person contacted the publisher of the newspaper asserting that, when his name and surnames were entered in the Google search engine, a reference appeared linking to pages of the newspaper with these announcements. He argued that the proceedings had been concluded and resolved many years earlier and were now of no relevance. The publisher replied that erasure of his data was not appropriate, given that the publication was effected by order of the Spanish Ministry of Labour and Social Affairs.
In February 2010, he contacted Google Spain and requested that the search results show no links to the newspaper when his name and surnames were entered into Google search engine. Google Spain forwarded the request to Google Inc., whose registered office is in California, United States, taking the view that the latter was the undertaking providing the internet search service.
Thereafter he lodged a complaint with the Agencia Española de Protección de Datos (Spanish Data Protection Agency, AEPD) against the publisher and Google. By a decision on 30 July 2010, the Director of the AEPD upheld the complaint against Google Spain and Google Inc., calling on them to withdraw the data from their index and to render future access to them impossible. The complaint against the publisher was rejected, however, because publication of the data in the press was legally justified. Google Inc. and Google Spain have brought two appeals before the Audiencia Nacional (National High Court, Spain), seeking annulment of the AEPD decision. In this context, this Spanish court has referred a series of questions to the Court of Justice.
In today’s Opinion, Advocate General Niilo Jääskinen addresses first the question of the territorial scope of the application of national data protection legislation. The primary factor that gives rise to its application is the processing of personal data carried out in the context of the activities of an establishment of the controller (according to the Data Protection Directive, the “controller” is the person or body which alone or jointly with others determines the purposes and means of the processing of personal data) on the territory of the Member State. However, Google claims that no processing of personal data relating to its search engine takes place in Spain. Google Spain acts merely as commercial representative of Google for its advertising functions. In this capacity it has taken responsibility for the processing of personal data relating to its Spanish advertising customers.
The Advocate General considers that this question should be examined taking into account the business model of internet search engine providers. This normally relies on keyword advertising which is the source of income and the reason for the provision of a free information location tool. The entity in charge of keyword advertising is linked to the internet search engine. This entity needs a presence on national advertising markets and that is why Google has established subsidiaries in many Member States. Hence, in his view, it must be considered that an establishment processes personal data if it is linked to a service involved in selling targeted advertising to inhabitants of a Member State, even if the technical data processing operations are situated in other Member States or third countries. Therefore, Mr Jääskinen proposes that the Court declare that processing of personal data takes place within the context of a controller’s establishment and, therefore, that national data protection legislation is applicable to a search engine provider when it sets up in a Member State, for the promotion and sale of advertising space on the search engine, an office which orientates its activity towards the inhabitants of that State.
Secondly, as for the legal position of Google as an internet search engine provider, Mr Jääskinen recalls that, when the Directive was adopted in 1995, the Internet and search engines were new phenomena and their current development was not foreseen by the Community legislator. He takes the view that Google is not generally to be considered as a “controller” of the personal data appearing on web pages it processes, who, according to the Directive, would be responsible for compliance with data protection rules. In effect, provision of an information location tool does not imply any control over the content included on third party web pages. It does not even enable the internet search engine provider to distinguish between personal data in the sense of the Directive, which relates to an identifiable living natural person, and other data. In his opinion, the internet search engine provider cannot in law or in fact fulfil the obligations of the controller provided in the Directive in relation to personal data on source web pages hosted on third party servers.
Therefore, a national data protection authority cannot require an internet search engine service provider to withdraw information from its index except in cases where this service provider has not complied with the exclusion codes or where a request emanating from a website regarding an update of cache memory has not been complied with. This scenario does not seem pertinent in the present case. A possible “notice and take down procedure” concerning links to source web pages with illegal or inappropriate content is a matter for national civil liability law based on grounds other than data protection.
Thirdly, the Directive does not establish a general “right to be forgotten”. Such a right cannot therefore be invoked against search engine service providers on the basis of the Directive, even when it is interpreted in accordance with the Charter of Fundamental Rights of the European Union (in particular, the rights of respect for private and family life under Article 7 and protection of personal data under Article 8 versus freedom of expression and information under Article 11 and freedom to conduct a business under Article 16).
The rights to rectification, erasure and blocking of data provided in the Directive concern data whose processing does not comply with the provisions of the Directive, in particular because of the incomplete or inaccurate nature of the data. This does not seem to be the case in the current proceedings.
The Directive also grants any person the right to object at any time, on compelling legitimate grounds relating to his particular situation, to the processing of data relating to him, save as otherwise provided by national legislation. However, the Advocate General considers that a subjective preference alone does not amount to a compelling legitimate ground and thus the Directive does not entitle a person to restrict or terminate dissemination of personal data that he considers to be harmful or contrary to his interests.
It is possible that the secondary liability of the search engine service providers under national law may lead to duties amounting to blocking access to third party websites with illegal content such as web pages infringing intellectual property rights or displaying libellous or criminal information. In contrast, requesting search engine service providers to suppress legitimate and legal information that has entered the public domain would entail an interference with the freedom of expression of the publisher of the web page. In his view, it would amount to censorship of his published content by a private party.
Since 1937, when the first Code of Advertising Practice was issued, ICC has produced, and successively revised, global sets of ethical rules, covering all main marketing disciplines. The ICC Code of Direct Selling forms part of that comprehensive ICC normative system.
In 2006 many of the marketing codes were consolidated into one document, the Consolidated ICC Code of Advertising and Marketing Communication Practice, revised in 2011. As direct selling is primarily a method of distribution, the Direct Selling Code remains a stand-alone document; however, by reference it is clearly linked to the Consolidated Code, which is the recognized global reference point for responsible marketing communications.
The ICC Code of Direct Selling was first published in 1978 and followed the already then well-established ICC policy of promoting high standards of ethics in marketing via self-regulatory codes, intended to complement the existing frameworks of national and international law.
Like its predecessor (2007), this edition has been developed in close co-operation with the World Federation of Direct Selling Associations (WFDSA). That has ensured the Code is based on the best available expertise, and kept apace with changes in practice and direct selling techniques. The WFDSA has also adopted a world code of conduct applicable exclusively to members of direct selling associations. There is conformity in substance between the ICC Code and the industry code. The ICC Code is to be followed by all involved in direct selling.
Direct selling, as defined by the ICC Code, “refers to the selling of products directly to consumers, generally in their homes or the homes of others, at their workplace and other places away from permanent retail locations, where the direct seller may explain or demonstrate products.”
The Direct Selling Code is an instrument for self-discipline, but may also be used by the courts as a reference document within the framework of applicable legislation. The ICC Code is also able to fill in the gap in countries which have not created direct selling laws.
The Direct Selling Code spells out responsible conduct towards consumers, such as the credo not to exploit a consumer’s age, that product demonstrations should be complete with regard to price and also covers recruitment practices in the direct selling industry.
Recent changes include a section on referral selling stipulating that consumers should not be induced to make a purchase based on the assumption of a reduced price for customer referrals. The ICC Code also requires that direct selling companies communicate the contents of the Code with their direct sellers and that compliance with the standards of the Code should be a condition for membership in the company’s distribution system. In keeping with the principle of truthfulness, the ICC Code specifies that “descriptions, claims, illustrations or other elements relating to verifiable facts should be capable of substantiation.”
The United Nations Commission on International Trade Law (UNCITRAL) has published the Report on its forty-fifth session (25 June – 6 July 2012) at which it decided to endorse the UNIDROIT Principles of International Commercial Contracts 2010.
With its accession to the United Nations Convention on Contracts for the International Sale of Goods (“CISG”), San Marino becomes the 78th State Party to the Convention. The Convention will enter into force for San Marino on 1 March 2013.
The adoption of the CISG by San Marino has taken place in the context of a joint initiative between the Government of San Marino and the UNCITRAL Secretariat aimed at modernizing the law of international sale of goods and of electronic transactions in that country.
The United Nations Convention on Contracts for the International Sale of Goods provides an equitable and modern uniform framework for the contract of sale, which is the backbone of international trade in all countries, irrespective of their legal tradition or level of economic development. The CISG is therefore considered to be one of the core conventions in international trade law.
The CISG, which has been adopted by a large number of major trading countries, establishes a comprehensive code of legal rules governing the formation of contracts for the international sale of goods, the obligations of the buyer and seller, remedies for breach of contract and other aspects of the contract.
A new edition of the International Classification of Goods and Services for the Purposes of the Registration of Marks (the “Nice Classification”) will enter into force on 1 January 2012. It will be available on the International Bureau of the World Intellectual Property Organization’s (WIPO) web site, at the following address: www.wipo.int/classifications/en/.
The International Bureau of WIPO will apply the tenth edition of the Nice Classification to all international applications that are received by the Office of origin on or after 1 January 2012.
In conformity with its previous practice, the International Bureau of WIPO will not reclassify, in accordance with the tenth edition of the Nice Classification, the list of goods and services of an international registration that is the subject, after 31 December 2011, of a renewal, subsequent designation or any other change affecting the list of goods and services.
The Nice Classification was established by an Agreement concluded at the Nice Diplomatic Conference, on 15 June 1957, was revised at Stockholm, in 1967, and at Geneva, in 1977, and was amended in 1979.
The countries party to the Nice Agreement constitute a Special Union within the framework of the Paris Union for the Protection of Industrial Property. They have adopted and apply the Nice Classification for the purposes of the registration of marks.
Each of the countries party to the Nice Agreement is obliged to apply the Nice Classification in connection with the registration of marks, either as the principal classification or as a subsidiary classification, and has to include in the official documents and publications relating to its registrations of marks the numbers of the classes of the Classification to which the goods or services for which the marks are registered belong.
Use of the Nice Classification is mandatory not only for the national registration of marks in countries party to the Nice Agreement, but also for the international registration of marks effected by the International Bureau of WIPO, under the Madrid Agreement Concerning the International Registration of Marks and under the Protocol Relating to the Madrid Agreement Concerning the International Registration of Marks, and for the registration of marks by the African Intellectual Property Organization (OAPI), by the African Regional Intellectual Property Organization (ARIPO), by the Benelux Organisation for Intellectual Property (BOIP) and by the European Union Office for Harmonization in the Internal Market (Trade Marks and Designs) (OHIM).
The Nice Classification is also applied in a number of countries not party to the Nice Agreement.
On 12 September 2011, the International Chamber of Commerce (ICC) has launched a revised version of its Rules of Arbitration with the aim of better serving the existing and future needs of businesses and governments engaged in international commerce and investment.
The new ICC Arbitration Rules (the “Rules”) will come into force on 1 January 2012 and take into account current requirements and developments in arbitration practice and procedure, as well as developments in information technology, since they were last revised in 1998.
The revision process began in 2008 and was undertaken by a small drafting committee of up to 20 members, supported by a wider task force of 202 members and a consultation process with ICC national committees around the world and the ICC Commission on Arbitration. The new Rules were approved in Mexico City by the ICC World Council on 11 June 2011.
Additions to the Rules include provisions to address disputes involving:
Other amendments have also been made to ensure that the arbitral process is conducted in an expeditious and cost-effective manner.
Unless parties stipulate otherwise, the new ICC Arbitration Rules will automatically apply to all arbitrations under the auspices of the International Chamber of Commerce commenced after 1 January 2012, save for the emergency arbitrator provisions.
In answer to the growing demand for a more holistic approach to dispute resolution techniques, the new Rules are published in a booklet that also includes the ICC ADR Rules, which provide for mediation and other forms of amicable dispute resolution. Both sets of Rules define a structured, institutional framework intended to ensure transparency, efficiency and fairness in the dispute resolution process while allowing parties to exercise their choice over many aspects of procedure.
With its accession to the Convention on the Recognition and Enforcement of Foreign Arbitral Awards (also known as the New York Convention), effected on 7 July 2011, Liechtenstein becomes the 146th State party to the Convention. The Convention will enter into force for Liechtenstein on 5 October 2011.
The “New York” Convention is widely recognized as a foundation instrument of international arbitration and requires courts of contracting States to give effect to an agreement to arbitrate when seized of an action in a matter covered by an arbitration agreement and to recognize and enforce awards made in other States, subject to specific limited exceptions.
The United Nations Commission on International Trade Law (“UNCITRAL”) is the core legal body of the United Nations system in the field of international trade law. Its mandate is to remove legal obstacles to international trade by progressively modernizing and harmonizing trade law. It prepares legal texts in a number of key areas such as international commercial dispute settlement, electronic commerce, insolvency, international payments, sale of goods, transport law, procurement and infrastructure development. UNCITRAL also provides technical assistance to law reform activities, including assisting Member States to review and assess their law reform needs and to draft the legislation required to implement UNCITRAL texts. The UNCITRAL Secretariat is located in Vienna and maintains a website at www.uncitral.org.
The Governing Council of UNIDROIT at its 90th session formally adopted on 10 May 2011 the third edition of the Principles of International Commercial Contracts (“UNIDROIT Principles 2010″).
The UNIDROIT Principles 2010 contain new provisions on restitution, illegality, plurality of obligors and obligees, and conditions, while with respect to the text of the 2004 edition the only significant changes made relate to the Comments to Article 1.4.
The new edition of the UNIDROIT Principles consists of 211 Articles (as opposed to the 120 Articles of the 1994 edition and the 185 Articles of the 2004 edition) structured as follows: Preamble (unchanged); Chapter 1: General provisions (unchanged); Chapter 2, Section 1: Formation (unchanged), Section 2: Authority of agents (unchanged); Chapter 3, Section 1: General provisions (containing former Articles 3.1 (amended), 3.2, 3.3 and 3.19 (amended)), Section 2: Ground for avoidance (containing former Articles 3.4 to 3.16, 3.17 (amended), 3.18 and 3.20, and a new Article 3.2.15), Section 3: Illegality (new); Chapter 4: Interpretation (unchanged); Chapter 5, Section 1: Content (unchanged), Section 2: Third Party Rights (unchanged), Section 3: Conditions (new); Chapter 6, Section 1: Performance in general (unchanged), Section 2: Hardship (unchanged); Chapter 7, Section 1: Non-performance in general (unchanged), Section 2: Right to performance (unchanged), Section 3: Termination (containing former Articles 7.3.1 to 7.3.5, 7.3.6 (amended) and a new Article 7.3.7), Section 4: Damages (unchanged); Chapter 8: Set-off (unchanged); Chapter 9, Section 1: Assignment of rights (unchanged), Section 2: Transfer of obligations (unchanged), Section 3: Assignment of contracts (unchanged); Chapter 10: Limitation periods (unchanged); Chapter 11, Section 1: Plurality of obligors (new), Section 2: Plurality of obligees (new).
On Thursday 12 May 2011, the Ambassador of the Sultanate of Oman, deposited Oman’s instrument of accession to the Convention of 5 October 1961 Abolishing the Requirement of Legalisation for Foreign Public Documents (the “Apostille Convention”). As a result, Oman has become the 101st Contracting State to the Apostille Convention (*).
The accession of Oman is significant as the first State of the Persian Gulf to join the Apostille Convention. It is also the first Hague Convention to which Oman will become party, making it the 139th State or organisation to be connected to the Hague Conference (i.e., by being a Member of the Hague Conference, or either signatory or Contracting State to at least one of the Hague Conventions).
Cloud computing relates to IT services and resources – including infrastructure, platforms and software – which can be provided to customers via the internet, rather than by on-site installations of IT hardware and software (for a technical definition of cloud computing see National Institute of Standards and Technology).
Cloud computing allow companies to benefit of financial savings, share of costs with the other customers on the same cloud, and efficiency while their IT infrastructure is constantly upgraded and updated by the cloud computing provider.
Notwithstanding such benefits, cloud computing shall be duly considered in light of the risks involved in it such as – among others – security, performance, service availability, contractual remedies and supplier stability.
From an International Law perspective the key difference between traditional IT outsourcing and cloud computing is “where” the data resides or is processed as data may be dispersed across and stored in multiple data centers all over the world. Moreover, the use of a cloud platform can result in multiple copies of such data being stored in different locations. This is true even for a “private cloud” that is run by a single customer.
In fact, corporate customers shall consider that cloud computing is vulnerable to damage or interruption from earthquakes, terrorist attacks, floods, fires, power loss, telecommunications failures, computer viruses, computer denial of service attacks, or other attempts to harm the relevant systems. Data centers may be located in areas with a high risk of major earthquakes or may be subject to break-ins, sabotage, and intentional acts of vandalism, and to potential disruptions if the operators of these facilities have financial difficulties.
Above all, systems are not fully redundant, and disaster recovery planning cannot account for all eventualities.
In addition, cloud computing products and services are highly technical and complex and may contain errors or vulnerabilities. Any errors or vulnerabilities in such products or services, or damage to or failure of such systems, could result in interruptions in the services, which could reduce revenues and profits, or damage the corporate brand. Finally, internet, technology, and media companies own large numbers of patents, copyrights, trademarks, and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights related to the cloud.
In light of the above, as corporate customer explore cloud computing as IT outsourcing strategy, there are several legal issues that shall be carefully considered. Implications of outsourced data handling, contract terms and conditions, intellectual property rights and proper insurance coverage are among others the key elements to be addressed from an International Law perspective. Therefore, the carry out of a due diligence of the proposed cloud vendor is a crucial risk mitigation step.
Among others, the following key issues shall be addressed:
The European Court of Justice in its Judgment in Joined Cases C-585/08 and C-144/09 Peter Pammer v Reederei Karl Schlüter GmbH & Co. KG and Hotel Alpenhof GesmbH v Oliver Heller explains the rules of jurisdiction in European Union law that are applicable to consumer contracts, in relation to services offered on the internet.
The European Union regulation on jurisdiction in civil and commercial matters (see Council Regulation (EC) No 44/2001 of 22 December 2000 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters) provides that actions against a person domiciled in a Member State must, as a general rule, be brought in the courts of that State. It also provides that cases resulting from a contractual relationship may be decided by the courts for the place of performance of the contractual obligation. In the case of consumer contracts, however, rules protecting the consumer apply. If the trader “directs its activities” to the Member State in which the consumer is domiciled, the consumer can bring proceedings before the courts of the Member State of his domicile and he can be sued only in that Member State.
In its judgment, the Court states that mere use of a website by a trader in order to engage in trade does not in itself mean that its activity is “directed to” other Member States, which would trigger application of the protective rules of jurisdiction in the regulation. The Court holds that, in order for those rules to be applicable in relation to consumers from other Member States, the trader must have manifested its intention to establish commercial relations with such consumers.
In order to determine whether a trader whose activity is presented on its website or on that of an intermediary can be considered to be “directing” its activity to the Member State of the consumer’s domicile, within the meaning of Article 15(1)(c) of Regulation No 44/2001, it should be ascertained whether, before the conclusion of any contract with the consumer, it is apparent from those websites and the trader’s overall activity that the trader was envisaging doing business with consumers domiciled in one or more Member States, including the Member State of that consumer’s domicile, in the sense that it was minded to conclude a contract with them.
In this context, the Court considers what evidence can demonstrate that the trader was envisaging doing business with consumers domiciled in other Member States. Such evidence includes clear expressions of the trader’s intention to solicit the custom of those consumers, for example when it offers its services or its goods in several Member States designated by name or when it pays a search engine operator for an internet referencing service in order to facilitate access to its site by consumers domiciled in those various Member States.
Nevertheless, other less patent items of evidence, possibly in combination with one another, are also capable of demonstrating the existence of an activity “directed to” the Member State of the consumer’s domicile. These include: the international nature of the activity at issue, such as certain tourist activities; mention of telephone numbers with the international code; use of a top-level domain name other than that of the Member State in which the trader is established, for example “.de”, or use of neutral top-level domain names such as “.com” or “.eu”; the description of itineraries from one or more other Member States to the place where the service is provided; and mention of an international clientele composed of customers domiciled in various Member States, in particular by presentation of accounts written by such customers. Likewise, if the website permits consumers to use a language or a currency other than that generally used in the trader’s Member State, this can also constitute evidence demonstrating cross-border activity of the trader.
On the other hand, the mere accessibility of the trader’s website in the Member State in which the consumer is domiciled is insufficient. The same is true of mention of an email address and of other contact details, or of use of a language or a currency which are the language and/or currency generally used in the Member State in which the trader is established.
The Incoterms rules have become an essential part of the daily language of trade. They have been incorporated in contracts for the international sale of goods and provide rules and guidance to importers, exporters, lawyers, transporters, insurers and students of international trade.
The purpose of Incoterms is to provide a set of international rules for the interpretation of the most commonly used trade terms in foreign trade. Thus, the uncertainties of different interpretations of such terms in different countries can be avoided or at least reduced to a considerable degree.
Frequently, parties to a contract are unaware of the different trading practices in their respective countries. This can give rise to misunderstandings, disputes and litigation, with all the waste of time and money that this entails.
In order to remedy these problems, the International Chamber of Commerce first published in 1936 a set of international rules for the interpretation of trade terms, first conceived in 1921.
These rules were known as “Incoterms 1936″. Amendments and additions were later made in 1953, 1967, 1976, 1980, 1990, 2000 and presently in 2010 in order to bring the rules in line with current international trade practices.
As of 1 January 2011 the eighth edition, “Incoterms 2010″, shall have effect. Among other changes therein affected all of the five terms in section D are obsoleted and replaced with the following three: DAT (Delivered at Terminal), DAP (Delivered at Place), and DDP (Delivered Duty Paid). Such new terms apply to all modes of transport.
Rules for any mode or modes of transport:
Rules for sea and inland waterway transport:
It should be stressed that the scope of Incoterms is limited to matters relating to the rights and obligations of the parties to the contract of sale with respect to the delivery of goods sold (in the sense of “tangibles”, not including “intangibles” such as computer software) as they help traders avoid costly misunderstandings by clarifying the tasks, costs and risks involved in the delivery of goods from sellers to buyers.
The current Incoterms 2000 rules are endorsed by UNCITRAL.
On 25 June 2010, the United Nations Commission on International Trade Law adopted the revised UNCITRAL Arbitration Rules (the “Rules”).
The original UNCITRAL Arbitration Rules were adopted in 1976 and have been used for the settlement of a broad range of disputes, including disputes between private commercial parties where no arbitral institution is involved, investor-State disputes, State-to-State disputes and commercial disputes administered by arbitral institutions.
The revision is aimed at enhancing the efficiency of arbitration under the Rules and does not alter the original structure of the text, its spirit or drafting style.
The Rules, as revised, include more provisions dealing with, among others, multiple parties arbitration and joinder, liability, and a procedure to object to experts appointed by the arbitral tribunal. A number of innovative features contained in the Rules aim to enhance procedural efficiency, including revised procedures for the replacement of an arbitrator, the requirement for reasonableness of costs and a review mechanism regarding the costs of arbitration. The Rules also include more detailed provisions on interim measures.
The Rules will take effect from 15 August 2010 and will be presumed to apply to all arbitration agreements referring to UNCITRAL arbitration concluded after that date, unless the parties have agreed otherwise.