Issue 1 / 2019

In the current CRi issue 1 (publication on: 15. Februar 2019) you find the following articles and case law:



Schwartz, Paul / Peifer, Karl-Nikolaus, Data Localization Under the CLOUD Act and the GDPR, CRi 2019, 1-10

The CLOUD Act establishes in its “Step One” the extraterritorial reach of the Stored Communications Act (SCA) and in its “Step Two” sets up a process for the creation of bilateral executive agreements between the U.S. and foreign governments to provide reciprocal authority to make direct requests for information from cloud providers in the other’s jurisdiction. In consequence, the CLOUD Act may encourage governments to engage in an arms race for stricter data protection laws and sanctions. It may also encourage companies to localize data storage in the EU. Moreover, the CLOUD Act may be on a collision course with the GDPR. This Article proposes that the most sensible and efficient path to legal certainty for cloud providers would be an accord between the U.S. and the EU itself.

Hofert, Eduard, Regulating Virtual Currencies: Shortcomings of the EU Framework, CRi 2019, 10-15

Distributed ledger technology especially in the form of publicly coordinated validation networks such as Ethereum and Bitcoin with their own monetary circles provides for a revealing litmus test for current financial regulatory schemes. After a brief introduction (I.), the article highlights the interrelation between distributed coordination and the emission of virtual currency to make sense of the function of the new monetary phenomenon (II.). It then argues for the regulation of financial services on the ground of the technology to ensure integrity standards (III.) and emphasises the shortcomings of the current EU regulatory regimes (IV.), especially the regulation frameworks regarding financial services, payment services and electronic money.

Kennedy, Charles H., Uber’s Ongoing Data Privacy Woes, CRi 2019, 15-18

In Summer 2017, an article in this journal discussed a complaint filed with the U.S. Federal Trade Commission (“FTC” or “Commission”) against Uber Technologies, Inc. (“Uber”). The complaint alleged that Uber had “continued to track iPhone users who once had installed the Uber app even after they [the users] believed they had deleted it from their device.” The FTC has not, so far, taken any public action against Uber based upon the tracking allegations. However, the earlier article predicted, that complaint was not the end of Uber’s privacy troubles. Since the 2017 complaint was made, U.S. prosecutors and agencies at both the state and federal level have brought enforcement actions alleging that Uber failed to secure private information and concealed some of those failures from the public and the authorities. Similar actions were brought against Uber in the EU. Uber has been ordered to pay substantial amounts in settlement of some of those claims, but it is unclear whether those complaints point to a failure in Uber’s corporate culture that has yet to be resolved.

Case Law

Court of Appeals for the 2nd Circuit v. 12 December 2018 - [Docket No. 16-2321], USA: Resale of Digital Music Files – ReDigi, CRi 2019, 18-22

Unemployment Insurance Appeal Board v. 12 July 2018 - (A.L.J. Case No. 016-23494), USA: New York Drivers as Employees of Uber, CRi 2019, 22-25

Supreme Court v. 13 June 2018 - [(2017) EWCA Civ 51], UK: Platform As Circumvention of Employment – Pimlico, CRi 2019, 26-28

High Court of Justice v. 5 December 2018 - [(2018) EWHC 3342 (Admin)], UK: No Right to Collective Bargaining for Riders of Deliveroo, CRi 2019, 28-30

District Court for the Central District of California v. 20 February 2018 - , USA: Misuse of Copyright by Restricting Secondary Transfers of Physical Copies, CRi 2019, 31


Motsnyi, Igor, Russia: Google’s Fine for Non-Compliance with “Search Results” Law, CRi 2019, 31-32

Verlag Dr. Otto-Schmidt vom 12.02.2019