Buyers Beware: EU Competition Law Concept of “Undertaking” Is Applicable in Actions for Damages as well
By Kristina Povazanova
In its preliminary ruling procedure under Article 267 of the Treaty on the Functioning of the European Union (“TFEU”), the Court of Justice of the European Union (“the CJEU”) issued a landmark judgment on March 14, 2019. According to C-724/17 Vantaan kaupunki v Skanska Industrial Solutions Oy and Others , parent companies cannot use corporate restructuring to circumvent their liability for the damage incurred due to a competition law infringement committed by their subsidiaries (based on Article 101 TFEU and equivalent national provisions) in cases where the parent company continues the economic activities of “in-the-meantime” dissolved subsidiaries.
The CJEU answered two fundamental questions: a) Who are the parties that are liable for damages and b) is the determination of which parties are liable to be made directly based on Article 101 TFEU or on the basis of national legal provisions?
Facts in a nutshell
The case stems from a cartel that was set up in the Finnish asphalt market between 1994 and 2002. Amongst others, Sata-Asfaltti Oy, Interasfaltti Oy, Asfalttineliö Oy, Asfaltti-Tekra Oy, and Lemminkäinen Oyj, were considered to be the cartelists concerned.
In 2000, Asfaltti-Tekra Oy changed its name to Skanska Asfaltti Oy and acquired all the shares of Sata-Asfaltti Oy. Two years later, the latter entered into a voluntary liquidation and all its business was transferred to Skanska Asfaltti Oy, which continued to participate in the cartel activities. In 2017, Skanska Asfaltti Oy changed again its legal name to Skanska Industrial Solutions (“SIS”).
Similar restructuring happened in 2003 to Interasfaltti Oy, which was dissolved in a voluntary liquidation procedure and its commercial activities were transferred to NCC Roads, later renamed NCC Industry (“NCC”).
Last but not least, Asfalttineliö Oy was acquired in June 2000 by Siilin Sora Oy, which later changed its name to Rudus Asfaltti. Asfalttineliö Oy’s voluntary insolvency procedure took place in January 2002 and its business was transferred to Rudus Asfaltti, known as Asfaltmix since 2014.
Actions for damages filed based on Finnish law
In 2009, the Supreme Administrative Court of Finland imposed fines on seven companies for the violation of Article 101 TFEU and equivalent national provisions (“2009 Decision”).
The fines were imposed on:
- “SIS for its own conduct and that of Sata-Asfaltti Oy;
- NCC for the conduct of Interasfaltti Oy; and
- Asfaltmix for the conduct of Asfalttineliö Oy”. 
Based on the 2009 Decision of the Supreme Administrative Court of Finland, the City of Vantaa filed an action for damages before a District Court in Finland claiming that all of the abovementioned companies were jointly and severally liable for the additional costs that were incurred as a result of the cartel overpricing. On the other hand, SIS, NCC, and Asfaltmix believed that they were not liable for the damage caused by formerly independent companies and that all claims should have been made during the liquidation proceedings.
In order to ensure the effectiveness of EU competition law enforcement according to Article 101 TFEU, the District Court in Finland, applying the economic continuity test, ordered SIS, NCC, and Asfaltmix to compensate the City of Vantaa for damages. to the extent of personal scope mentioned above. The Court of Appeal of Finland, however, later upheld the District Court’s decision insofar as it concerned the conduct of dissolved subsidiaries. The City of Vantaa appealed the Court of Appeal’s decision to the Supreme Court of Finland, which was confronted on one side with its national legal provisions based on the assumption that only the legal entity that caused the damage is liable for it, and, on the other side, with the settled case law of the CJEU stating that any person may claim compensation for damage resulting from a violation of Article 101 TFEU. Therefore, the Supreme Court referred the following questions to the CJEU for a preliminary ruling:
1) Is the determination of which parties are liable for the compensation to be made directly based on Article 101 TFEU or on the basis of national legal provisions?
2) If the answer to the first question is “directly based on Article 101 TFEU”, should the concept of “undertaking” as recognized by EU competition law be applied, hence the same principles considered relevant when determining the entities liable for fines?
3) If the answer is “on the basis of national legal provision”, does the EU law requirement of effectiveness require that the parent companies in the case at hand are to be held liable for the damage caused by their dissolved subsidiaries?
The findings of the CJEU
The reference to the CJEU highlighted an important question regarding the applicability of EU competition law concepts and principles with respect to public and private enforcement of EU competition law. The situation at hand was particularly tricky, given the apparent conflict between EU competition law principles and national legal provisions on civil liability, pursuant to which only the legal entity that caused the damage is liable. Moreover, according to the Finnish legal order, the corporate veil can only be lifted if the corporate restructuring is used to circumvent or avoid legal liability.
The CJEU began its reasoning with a reference to C-557/12 Kone AG and Others v ÖBB-Infrastruktur AG. In that case, the CJEU reaffirmed that both Article 101 and Article 102 of the TFEU have direct legal effect and hence create rights for the individuals, which national courts and authorities must protect. Even more importantly, it stressed that any person is entitled to claim compensation for the damage suffered, provided that a causal link exists between the harm suffered and the prohibited practice or agreement and that this right is essential in ensuring the full effectiveness of EU competition law enforcement. 
In concert with the Advocate General Wahl’s opinion , the CJEU answered the first of the referred questions pointing out that the determination of which parties are liable for the compensation is “directly governed by EU law.”  EU competition law applies the concept of “undertaking” under Article 101 TFEU to “designate the perpetrator of an infringement”  of this provision. It is these “undertakings” which have infringed Article 101 TFEU that “must answer for the damage caused by the infringement.” 
There are not many judgments of the CJEU on the application of EU competition law that would not make a reference to C-516/15 Akzo Nobel NV and Others v EU Commission. Reestablishing the “Akzo Nobel” concept of “undertaking” under Article 101 TFEU, the CJEU emphasized that “undertaking” covers “any entity engaged in an economic activity, irrespective of its legal status and the way it is financed.” Moreover, it designates “an economic unit even if in law that economic unit consists of several persons, natural or legal.” 
With respect to the situation at hand, the CJEU answered the second referred question clarifying that the same principles should be applied in the context of public enforcement in accordance with Article 101 TFEU, as well as in relation to actions for damages (private enforcement). Specifically, an undertaking should not be allowed to avoid liability by corporate restructuring when the undertaking and its predecessor are identical from an economic point of view. It continued that “if the undertakings responsible for damage caused by infringement of the EU competition rules could escape penalties by simply changing their identity through restructurings . . . the objective of suppressing conduct that infringes the competition rules and preventing its reoccurrence by means of deterrent penalties would be jeopardised.” 
This is mainly because private enforcement of competition law forms an “integral part of the system for enforcement of those rules”  and aims at the same objective, which is to punish the anticompetitive behavior and to deter repeated misconduct.
The CJEU judgment in the case at hand is significant in many ways. We can definitely conclude that it has extended existing rules and settled case law of the CJEU with respect to private enforcement of EU competition law. As both Advocate General Wahl and the CJEU concluded, public enforcement and private enforcement of EU competition law form an integral system and the consistent application and interpretation of these rules is essential in ensuring its effective enforcement. It is worth mentioning that it seems implicit from the judgment that the same rationale should be applied to actions for damages under Article 102 TFEU.
Secondly, as Advocate General Wahl pointed out, private enforcement of EU competition law and actions for damages serve a dual role–to offer compensation for the harm suffered and to deter “undertakings” from repeated wrongdoing. This is where EU competition law goes beyond what some of the legal orders of EU Member States offer–only compensation for the harm caused.
Thirdly, even though the judgment clearly affirms that the determination of which parties are liable for the compensation is directly governed by EU competition law, there is no clarification on how actions for damages should be brought before courts. This continues to fall under the scope of national legal provisions. On the other hand, one has to bear in mind that because the CJEU relied on the EU law concept of “undertaking,” successful claims will depend on a number of factors which are to be determined in accordance with EU competition law. These include the existence of a violation of EU competition law, identification of a person liable for the breach, and a causal link between the harm suffered and the infringement of EU competition law.
Moreover, the CJEU in this judgment went further and stressed that the principle of economic continuity applies to private enforcement of EU competition law. This follows the reasoning of Advocate General Wahl, who stated in relation to corporate restructuring that “liability is attached to assets, rather than a particular legal personality.” 
As the title of this Article indicates, the judgment of the CJEU at hand increases the risk (related to competition law) for entities interested in various forms of corporate restructurings. It should, therefore, be indispensable for entities to invest in full-featured due diligence and in-depth research to avoid potential adverse consequences of previous EU competition law infringements.
 Case C-724/17 Vantaan kaupunki v Skanska Industrial Solutions Oy and Others
 Ibid, p. 10
 Ibid, p. 24-26
 Opinion of Advocate General Wahl delivered on 6 February 2019 in Case C-724/17 Vantaan kaupunki v Skanska Industrial Solutions Oy and Others
 Ibid , p. 28
 Ibid, p. 29
 Ibid, p. 31
 Ibid, p. 36-37
 Ibid, p. 45-46
 Ibid , p. 80
By Maria E. Sturm
On July 18, 2019, the EU Commission, the European antitrust supervisory body, fined Qualcomm Inc. for using predatory prices between 2009 and 2011. The EU Commission argued as follows:
- It explained that Qualcomm had a dominant position in the world market. This dominance is based on:
- Its market share of 60% and
- The high entry barriers: competitors are confronted with significant initial investments for research and development in this sector, as well as with obstacles regarding intellectual property rights.
- While it is not illegal to hold a dominant position, the EU Commission accuses Qualcomm of abusing such a position by using predatory prices for UMTS-chip sets. To prove this, the EU Commission used a price-cost test for the chipsets in question. In addition, it claimed to have qualitative evidence for anti-competitive behavior. Qualcomm used this problematic pricing policy when its strongest competitor, Icera, tried to expand on the market in an effort to hinder Icera from building up its market presence.
- Finally, the EU Commission argues that Qualcomm’s behavior could not be justified by potential efficiency gains.
This Commission decision is the latest, but presumably not the final point of a long case history. Already in 2015, the Commission has initiated a formal investigation and issued Statements of Objections against Qualcomm. In 2017, the Commission requested further information from Qualcomm. As Qualcomm did not respond to this request, the Commission made a formal decision which Qualcomm claimed to be void. Qualcomm filed for annulment of the decision and an application for interim measures. The latter was dismissed on July 12, 2017. Art. 278 TFEU establishes the principle that EU actions do not have a suspensory effect, because acts of EU institutions are presumed to be lawful. Thus, an order of suspension or interim measures is only issued in exceptional circumstances where it is necessary to avoid serious and irreparable harm to the applicant’s interests in relation to the competing interests. The cumulative requirements are:
- The applicant must state the subject matter of the proceedings.
- The circumstances must give rise to urgency.
- The pleas of fact and law must establish a prima facie case for the interim measures.
Qualcomm mainly brought forward two arguments for the urgency of the matter:
- The amount of work and cost for answering the questions would be too burdensome. In response, the Court stated that the damage would be only of a pecuniary nature. Such damage normally is not irreparable, because it can be restored afterwards. Qualcomm did not argue that its financial viability would be jeopardized before the final judgment would be issued, that its market share would be affected substantially, or that it was impossible to seek compensation.
- The enormous amount of work for the employees of the financial department would make it impossible for them to perform their regular tasks. However, Qualcomm mentioned itself that the burden would weigh particularly heavily on a limited number of employees in the financial department only. The Court held that if only some employees of only one department would be affected, the argument is not strong enough to justify urgency.
The latest decision in this case was issued on April 9, 2019, about Qualcomm’s claim for annulment. Qualcomm brought forward six pleas against the EU Commission, but all of them were dismissed:
- Infringement of the obligation to state reasons.
According to relevant case law, statements of reasons must be appropriate to the measure at issue and must disclose the reasons clearly and unequivocally. The Commission must show that the request is justified. The undertakings concerned must be able to assess the scope of their duty to cooperate and their right to defense must be safeguarded. However, the EU Commission is not obliged to communicate all information at its disposal, as long as it clearly indicates the suspicions. Since the Commission clearly indicated the products and the customers involved, as well as the suspicions of infringement, it fulfilled its obligation to state reasons.
- Infringement of the principle of necessity.
There must be a correlation between the request for information and the presumed infringement and the Commission must presume reasonably that the information will help determine whether the alleged infringement has taken place. Qualcomm accused the Commission of having expanded the scope of the investigation and contended that the required information was not necessary. Concerning the first point, Qualcomm mainly referred to the Statement of Objections and said the Commission must terminate its preliminary investigations before issuing such a document. However, according to the Court, the Statement of Objections is only procedural and preliminary, the Commission is thus free to continue with fact-finding afterwards. Concerning the second point, the Court grants the Commission broad powers of investigation, including the assessment of whether information is necessary or not. In particular, the Commission needed the information required from Qualcomm to avoid factual errors in calculating the price-cost test. The Commission had to request the information to keep up with its obligation to examine carefully and impartially.
- Infringement of the principle of proportionality.
Qualcomm argued that the information requested was disproportionate, because it was not legally obliged to keep documents for longer than three and a half years and that they did not organize their documents systematically. Here, the Court said that at least from the moment when Qualcomm learned about the Commission’s investigation, it should have been more careful and should have kept documents. Moreover, undertakings who keep their documents in an organized and systematic order cannot be penalized for that. Therefore, the unsystematic organization falls under Qualcomm’s responsibility. Furthermore, a significant workload is not per se disproportionate. One must consider it in relation to the investigated infringement. An alleged predatory pricing requires complex analyses of a large amount of data and is not disproportionate because of its nature.
- Reversal of the burden of proof.
This plea is, according to the Court, based on a misreading. Qualcomm was asked to neither audit financial accounts nor prove that they have conducted their business in accordance with the law. Rather, it was only asked to issue information for the Commission to conduct the price-cost test and internal documents pertaining to the relevant period.
- Infringement of the right to avoid self-incrimination.
Qualcomm claims that the Commission’s requests were beyond the scope of simply providing information. According to Regulation No 1/2003, undertakings cannot be forced to admit that they have committed an infringement, but they are obliged to answer factual questions and to provide documents, even if this information may be used to establish against them. Therefore, they do not have an absolute right of silence. On the contrary, in order to ensure the effectiveness of Regulation No 1/2003, the Commission is entitled to request all necessary information concerning relevant facts to prove the existence of anticompetitive conduct.
- Infringement of the principle of good administration.
Qualcomm claimed the required information was excessive and that the Commission abused its investigative power by prolonging a flawed investigation. According to the relevant case law, the principle of good administration requires EU institutions to observe the good guarantees afforded by the legal order. Those guarantees include the duty to examine carefully and impartially all the relevant aspects of the individual case. Here, the Court held that the Commission requested the information in question precisely to comply with its duty to examine carefully and impartially the arguments put forward by Qualcomm regarding the Statement of Objections.
On June 18, 2019, Qualcomm lodged an appeal for the annulment of the General Court’s judgment. The case is to be continued.
Big Data: Italian Authorities Published Guidelines and Policy Recommendation on Competition, Consumer Protection, and Data Privacy Issues
By Gabriele Accardo and Maria Rosaria Miserendino
On July 10, 2019, the Italian Competition Authority (“ICA”), the Authority for the Communications Guarantees (“AGcom”), and the Authority for the protection of personal data (the “DPA”, jointly the “Authorities”) published guidelines and policy recommendations for big data (“Guidelines” available here, only in Italian for the time being).
The Guidelines follow the inquiry opened jointly by the three Authorities in May 2017 aimed at a better understanding of the implications that developments in the digital economy have for privacy, regulation, antitrust, and consumer protection. The final report of the three Authorities will be published shortly.
This Article points out the main takeaways of the Guidelines in terms of the impact that big data may have on antitrust enforcement, including its interaction with privacy and consumer protection issues.
The use of big data is increasingly having a significant impact on the economy, and more generally on the entire society. Despite its positive consequences for companies and consumers, the use of big data also entails risks in terms of competition/consumer protection, data protection, and the pluralism of information. Indeed, access to a huge volume of data by (a small number of) large digital companies may give rise to “market power.”
Furthermore, the use of such an amount of information may increase privacy protection risks, owing to a lack of transparency and information asymmetry.
Big data and antitrust enforcement
The Guidelines clarify that antitrust enforcement of abusive conducts and anticompetitive agreements in the digital space is a priority for the ICA.
It appears that the ICA is willing to run the risk of “over-enforcement” if otherwise, a lack of enforcement may discourage innovation.
In this connection, the Guidelines anticipate that, in the light of the fact that digital players are often active in several markets, the way markets are defined to assess market power may need to take into account other criteria. Otherwise, there might be the risk that certain digital ecosystems may not be contestable due to their entrenched market power. The ICA’s approach appears somewhat in line with the one proposed in the European Commission report–it appears that, in such instances, more emphasis should be put on theories of harm and identification of anticompetitive strategies rather than on the market definition itself.
Furthermore, the traditional antitrust analysis applied to “prices” and “output” should be extended to parameters such as “innovation,” “quality” and “fairness.”
In relation to the dominant position of such digital players, the Guidelines anticipate that the report will address two main issues: network effects that may increase the market power, and the obligation to grant data access where the data are considered indispensable and non-duplicable.
The ICA is currently carrying out two investigations against Amazon and Google that may test some new grounds. Specifically, the ICA is investigating whether Amazon discriminates on its e-commerce platform in favor of third-party merchants who use Amazon’s logistics services. Additionally, the ICA is assessing whether Google allegedly refused to integrate the app “Enel X Recharge” into its Android Auto environment.
The Guidelines further point out the risks of collusion in the context of price algorithms, as well as in agreements concerning the development of smart cities and the Internet of Things such as, for instance, those relating to the joint implementation and sharing of 5G networks.
Interestingly, the Guidelines also highlight the risk of illegal exchange of information among competitive companies in the cybersecurity sector, insofar as such agreements may restrict–by object or by effect–the cybersecurity of products for companies or end consumers.
Finally, the Guidelines envisage the necessity to review the merger control rules, in order to allow the assessment of transactions which currently do not reach the notification thresholds but may restrict potential competition and affect innovation, particularly as a result of the acquisition of data.
Indeed, most recently in the Apple/Shazam case, the European Commission analyzed in-depth data-related issues with a specific focus on the assessment of data as input, the definition of the market, and the interconnection between competition and data privacy.
Big data and consumer protection: unfair commercial practices
First, the Guidelines also clarify that the Authorities shall seek to ensure better consumer protection, notably by reducing the information asymmetry between consumers and digital companies. More precisely, the Authorities should advocate for full transparency on the use of data and the necessity to transfer them from one platform to another. This is relevant especially for the use of certain apps where there is an inverse relationship between the price of the apps (often “free”) and the amount of data transferred.
In recent years, the ICA has tackled certain data-related issues under the unfair commercial practices rules. For instance, in the Facebook case, the ICA held that Facebook did not inform users adequately and immediately during the activation of their accounts of the collection and use of their data for commercial purposes. Moreover, the use of the social network was made subject to users granting their consent to the collection and use of all the information concerning them (information from their personal Facebook profiles, those deriving from the use of Facebook and from their own experiences on third-party sites and apps), in an unconscious and automatic way. The ICA also enforced the consumer protection rules in the WhatsApp case which raised similar issues (see previous coverage in Newsletter No 3/2017, pages 30-34, for more background).
In this connection, the Guidelines stress that transparency is also a very relevant issue in B2B relationships, since transparent disclosure of the criteria used for the analysis and processing of data is important, for instance in relation to ranking and visibility in platforms. It is also relevant because of the goal of allowing the entrance of new intermediaries that can compete with the global platforms.
The European Commission has recently opened an investigation to assess whether Amazon’s use of competitively sensitive data from independent retailers who sell on its marketplace is in breach of EU competition rules. In a separate investigation, the Commission is assessing whether certain banks’ practices in Poland and the Netherlands may be in breach of the EU competition rules, insofar as they appear to be aimed at illegitimately excluding fin-tech players (i.e., non-bank providers of financial services) from accessing customers’ account data, despite the fact that customers have given their consent to such access.
Digitalization is having a huge and lasting impact on the economy, society, and daily life.
Like most authorities across Europe, the Italian Authorities have also been carefully studying the digital sector, and have considered possible changes in regulations, methodologies, and criteria to assess the conduct of companies and emerging issues in the digital economy.
The Authorities have envisaged some action points which will likely be at the center of the debate in the coming months.
It appears rather clear that antitrust and consumer protection issues will increasingly intersect with other important areas, most notably privacy rules.
In order to face these challenges, it is paramount to implement the cooperation among Authorities with the goal of bringing about effective enforcement and better consumer protection without stifling innovation.
 Competition Policy for the Digital Era, 2019 https://ec.europa.eu/competition/publications/reports/kd0419345enn.pdf.
 See ICA’s decision in case A528 Amazon, of 16 April 2019.
 See ICA’s decision in case A529 Google, of 17 May 2019.
 See Commission decision in Case M.8788 Apple /Shazam, of 6 September 2018.
 See ICA’s decision in case PS 11112 Facebook, of 7 December 2018.
 See ICA’s decision in case PS WhatsApp, of 11 May 2017.
By Ildikó Móricz, Lewis Foster and Peter Tóth
Europe’s top court, the Court of Justice of the European Union (“CJEU” or “Court”), ruled on September 24, 2019 that requests to remove links displayed in the search results of a data subject’s name (“de-referencing requests”) should only be enforceable within the EU and not across all versions of a search engine’s domain.
The case between Google and the French data protection authority CNIL has resulted in victory for the former, with the scope of the “right to be forgotten” limited to EU Member States.
The idea that data subjects’ right to be forgotten is enforceable via de-referencing orders in the case of search engines was established in a landmark 2014 CJEU decision in favor of the Spanish data protection authority against Google. In that case, the CJEU interpreted European data protection law to find that Google, as a search engine, is a data controller whose activities constitute data processing, despite the fact that certain aspects of it are performed outside of the European Economic Area. The CJEU also found that Google can be ordered to remove information provided in response to a search based on a data subject’s name. Specifically, the CJEU ruled in the 2014 case that a search engine operator may be required, upon a data subject’s request, to remove from a list of results of a search using the data subjects’ name:
- links to web pages that contain information relating to the data subject, which are published by third parties, even where the information was published lawfully; and
- links to web pages that contain information that is incomplete, inaccurate, irrelevant, or excessive in relation to the nature of the processing.
In response, Google implemented a “geo-blocking” framework to restrict access to information responsive to search requests initiated from within the EU. Since then, Google has received more than 845,000 de-referencing requests for the removal of around 3.3 million web addresses. Uncertainty remained, however, as to the scope of de-referencing requests.
The current case started in May 2015, when CNIL requested that Google comply with de-referencing requests globally across all of its extensions and domain names. Google refused, continuing to limit search results only in relation to searches from within the EU. CNIL then imposed a fine of EUR 100,000 in March 2016. Google applied to the Conseil d’État (the Council of State, the supreme court for administrative proceedings in France) to annul the 2016 decision, and the Conseil d’État referred the question of whether de-referencing requests are enforceable across all extensions of Google’s domain names to the CJEU.
CJEU decision in detail
In deciding the case, the CJEU considered both the EU directive on data protection (Directive), which was in force as of the 2015 and 2016 CNIL decisions, and the Directive’s successor, the GDPR, which had replaced the Directive by the time of the decision.
The preliminary question was whether the right to de-referencing was applicable to Google. Under Article 3(1), the GDPR is applicable where the search engine has one or more establishments in the Union. Google’s subsidiary in France, which uses the search engine to sell and promote advertising space targeting EU citizens, “inextricably” links Google to the EU’s territory and, as a result, under the governance of the GDPR.
However, when answering the question of the scope of the de-referencing requests, the Court had a limited approach in applying the spirit of the GDPR and the Directive; i.e. to promote privacy within the European Union. While acknowledging that globally available websites affect the privacy of those requesting de-referencing and that a complete removal of search results would meet the objective of guaranteeing a high level of protection of personal data, the Court re-emphasized its principle that the right to be forgotten is not an absolute right. A balance must be made between the fundamental rights of the data subject to data protection and the rights of access to information of internet users. Furthermore, not all non-EU countries have the same approach to this right, or even recognize such a right at all.
In the EU, however, the GDPR is binding and directly applicable in all Member States. Moreover, the supervisory authorities must cooperate to ensure uniform and consistent application of EU law, as laid down in Art 61(1) GDPR, and according to the principle of sincere cooperation. Consequently, de-referencing orders are applicable to searches taking place across all of the search engine’s EU Member State domains.
There is, however, no obligation to carry out a de-referencing request across non-EU extensions of a search engine’s domain name, due to the lack of provisions or mechanisms to ensure cooperation between supervisory authorities on a global scale.
Despite this, the CJEU also concluded that while there is no obligation to carry out an order for de-referencing globally, such an order is not prohibited by EU either. This leaves Member States’ courts to balance a person’s right to privacy with other persons’ information access rights on a global level in light of domestic laws.
During the hearing, Google informed the Court about the new layout of the national versions of its search engine. If a user tried to access another version of Google’s domain from within the EU, Google would automatically re-route the search to the national domain where they believe the search originated using the user’s IP address. For example, if someone in France tried to access the US version of the domain “Google.com,” they would automatically be re-directed to “Google.fr.”
The Court decided that the issue of whether this was sufficient to ensure the effective protection of data subjects’ rights was for the referring court (the Conseil d’État) to decide.
Effects, Reactions, and Responses
The CJEU’s ruling is one of great importance for the area of digital privacy law and data protection on both sides of the Atlantic. It has prevented the EU from tightening its regulatory grip on one of the largest US digital companies. Had the ruling gone against Google, this would have limited access to information all over the world. The Court’s ruling sets a limit to the GDPR’s scope of application by not allowing its “universal” enforceability. While this does not mean that data controllers can simply escape the scope of the GDPR by moving their data processing activities outside the EU, this decision reduces the extraterritorial effect of the regulation and might result in non-EU data controllers having a less anxious approach towards the GDPR. The decision makes clear that the GDPR’s purpose is to protect personal data within the EU and not to set regulatory privacy dominance worldwide.
During the proceedings, a coalition of eight digital rights organizations led by a non-profit organization, ARTICLE 19, was allowed to submit arguments against global de-referencing requests. The coalition made the point that such requests are inherently disproportionate to the rights of freedom of expression and access to information. ARTICLE 19 Executive Director Thomas Hughes described the ruling as a “victory for global freedom of expression.” He went on to say that “it is not right that one country’s data protection authority can impose their interpretation on internet users around the world.”
There remains some uncertainty in this area of law. This is due to the fact that the CJEU has left it to the Member States’ supervisory bodies and courts to decide when to enforce global de-referencing requests to protect a data subject’s fundamental rights as established in local law. Decisions relating to enforcing global de-referencing requests will, therefore, be decided not as GDPR issues but as matters of constitution or human rights in a local fundamental rights court or potentially before the European Court of Human Rights.
For now, Google and others such as Microsoft and Wikimedia will likely continue to use a geo-blocking approach to removing links from search results conducted inside the EU
By Pratyush Nath Upreti
After the recent submission on investor-state dispute settlement (ISDS) reforms at the UNCITRAL, the European Commission on 11 October 2019 came up with four proposals in the form of rules to ensure the functioning of the Investment Court System (ICS) established under the EU-Canada Comprehensive Economic and Trade Agreement (CETA).
Out of the four proposals, the first relates to rules regarding the functioning of the Appellate Tribunal. The rules mainly consist of composition and administrative arrangements and conduct of Appeals.
The second proposal focuses on the conduct of members of the ICS. The rule requires members to disclose to the parties any past and present interest that would likely affect their independence or impartiality, or that could create direct or indirect conflict or might reasonably be seen as impropriety or bias. Moreover, to ensure fairness in the process, the rule prohibits former members of the ICS to appear in the matter for three years after the end of the term. Similarly, rules set for a member of ICS are applied mutatis mutandis to the person that would act as mediators.
The third proposal deals mainly with the appointment and rules of the Mediation Procedure. The rules clarify that the mediation mechanism is not intended to serve as a basis for dispute settlement and a mutually agreed solution between the parties must be publicly available.
The fourth proposal deals with rules for binding interpretation to be adopted by the CETA Joint Committee. The rules allow parties to refer to the Committee on Services and Investment if they perceive serious concerns regarding the matter of interpretation of the CETA text that may affect investment. In such cases, parties should “make best endeavors” to come to a mutually satisfactory solution. In case of failure to reach a mutually agreed solution, the Committee on Services and Investment may recommend the CETA Joint Committee to issue interpretations. The rules indicate that the CETA Joint Committee interpretations are binding on the Tribunal and Appellate Tribunal under Chapter Eight of the Agreement and interpretations adopted by the Committee should be made public.
By Gabriel M. Lentner
On October 24, 2019, the European Commission announced that most (not all) member states agreed to a plurilateral treaty to terminate all remaining intra-EU bilateral investment treaties (BITs). These treaties provide for the protection of foreign investors’ rights (including intellectual property rights) that can be enforced against states through investor-state dispute settlement. The Court of Justice of the European Union (CJEU) ruled last year in Achmea that these treaties between EU member states (intra-EU BITs) are incompatible with EU law but left the question of how this affects existing treaties unanswered.
According to the EU announcement, only a “small minority” of states have not endorsed the plurilateral treaty. Those states are reportedly Finland and Sweden; they object to the treaty due to conflicts the text raises with how they view the relationship between EU law and public international law. The European Commission has stated that it will “consider resuming or initiating infringement procedures” against states not terminating their intra-EU BITs.
The text of the treaty is not yet available.
Possible Implications for Energy Charter Treaty Disputes
The implications for Energy Charter Treaty (ECT) disputes are unclear. The ECT is a multilateral treaty to which EU member states as well as the EU in its own right, and non-EU states are parties. There are many investment arbitration cases dealing with intra-EU investments that have led to a number of decisions against EU states. While the European Commission and a number of EU Member States view the CJEU Achmea ruling also applicable to these disputes, others disagree, the CJEU has been silent on the matter.
In its announcement, the European Commission urges member states to further discuss “whether any additional steps are necessary to draw all the consequences from the Achmea judgment in relation to the intra-EU application of the Energy Charter Treaty.”
As a result, the fate of the Energy Charter Treaty within the EU framework is still not decided.