Overview
Cybersecurity Law Report featured insights from Steptoe partner Anne‑Gabrielle Haie in its analysis of the Court of Justice of the European Union (CJEU)'s Russmedia ruling, which significantly expands GDPR obligations for online marketplaces. The article explains that the decision broadens joint‑controller liability and requires platforms to proactively identify sensitive data, verify advertiser identities, and implement enhanced security measures – moving from reactive compliance to governance‑by‑design.
Anne‑Gabrielle highlighted the ruling's potential industry‑wide impact, noting that "any media that is used to display advertisements could potentially be affected," and underscored that monitoring must extend beyond sensitive data to personal data more broadly. She emphasized that implementing the required measures will be "extremely difficult to implement from a practical standpoint." She also predicted that "the whole way the advertisement industry works will need to change."
Read more at Cybersecurity Law Report (subscription may be required).
