I’m not talking about who is in breach or not, I argued about the jurisdiction of the court, which they ruled that the law does apply to Clearview (even if it wasn’t breached). It’s literally in the article, maybe you should read it?
Also, foreign companies saving any data on EU citizens who reside in the EU are subject to the GDPR, see this webpage set up by lawyers who actually know about this stuff:
Collecting personal data from EU citizens whilst they are in the EU is doing business in the EU, which is why the court ruled the law did apply. Did you read the article?
Clearview was not fined specifically because of a provision in that same law that says such data collection is permitted if they were doing this business on behalf of foreign law enforcement. So the UK court ruled the law does apply, but that Clearview wasn’t in breach. The UK court used EU law to determine Clearview was not in breach of EU law. The fine was not removed because Clearview is outside of their jurisdiction, which they’re simply not.
The judgment, issued by the three-member tribunal at the First-tier Tribunal, agreed with Clearview’s assertion that the ICO lacked jurisdiction in the case because the data processing in question was carried out on behalf of foreign government agencies.
Yeah, I’m going to take the judgement as the truth over your opinion of a fictional ECJ judgement, especially as the UK GDPR law is exactly the same as the EU one.
I’m not talking about who is in breach or not, I argued about the jurisdiction of the court, which they ruled that the law does apply to Clearview (even if it wasn’t breached). It’s literally in the article, maybe you should read it?
Also, foreign companies saving any data on EU citizens who reside in the EU are subject to the GDPR, see this webpage set up by lawyers who actually know about this stuff:
And the French also brought a case, precisely because the law does apply and they have jurisdiction. So thanks for proving my point I guess?
They weren’t conducting business, as the article says. If they were, the law, in the UK, which hasn’t changed, would apply. But they weren’t.
Collecting personal data from EU citizens whilst they are in the EU is doing business in the EU, which is why the court ruled the law did apply. Did you read the article?
Clearview was not fined specifically because of a provision in that same law that says such data collection is permitted if they were doing this business on behalf of foreign law enforcement. So the UK court ruled the law does apply, but that Clearview wasn’t in breach. The UK court used EU law to determine Clearview was not in breach of EU law. The fine was not removed because Clearview is outside of their jurisdiction, which they’re simply not.
Yeah, I’m going to take the judgement as the truth over your opinion of a fictional ECJ judgement, especially as the UK GDPR law is exactly the same as the EU one.
Please provide a link that shows otherwise