EU Equality and Labor Law Quiz

Questions and Answers

Which of the following treaties introduced Article 19 TFEU, allowing the EU to tackle discrimination based on grounds such as sexual orientation, age, and disability?

• Treaty of Rome (1957)
• Amsterdam Treaty (1997) (correct)
• Maastricht Treaty (1992)
• Single European Act (1986)

Which of the following statements BEST describes the key role of the CJEU in EU equality law?

• The CJEU interprets and expands the scope of EU equality provisions through landmark rulings. (correct)
• The CJEU enforces directives, ensuring that member states comply with their obligations.
• The CJEU acts as a mediator between member states to resolve disputes regarding equality laws.
• The CJEU primarily focuses on enacting new directives to address specific equality issues.

Which EU directive provides a comprehensive framework for gender equality, covering areas such as equal pay, access to employment, and social security?

• Directive 2006/54/EC (Recast Directive on gender equality) (correct)
• Directive 92/85/EEC (Pregnancy and Maternity Protection)
• Directive 2010/41/EU (Self-Employed Workers Directive)
• Directive 2000/78/EC (Framework Equality Directive)

Which of the following legal provisions directly prohibits nationality-based discrimination in the context of employment?

Article 45 TFEU (C)

Which of the following is NOT a key provision within the Insolvency Directive (2008/94/EC)?

Information and Consultation (D)

What is the primary purpose of the European Social Fund (ESF)?

To support projects and initiatives that aim to improve social inclusion and employment. (D)

Which of these statements BEST describes the concept of 'social dialogue' in the context of EU labor law?

A structured process involving social partners (trade unions and employers) in shaping EU labor law. (A)

According to the content, which case established a broad definition of 'employees' in the context of transfers of undertakings, potentially including those not formally employed by the transferor?

Albron (A)

What is the purpose of the Insolvency Directive (2008/94/EC)?

To ensure minimum protection for employees in cases of employer insolvency. (D)

Which EU directive addresses issues related to collective redundancies in the context of restructuring processes?

Collective Redundancies Directive (98/59/EC) (B)

Which of the following is NOT a key theme to understand for success with the exam according to the content?

Familiarizing yourself with the key directives (A)

Which of the following is NOT a core theme of the European Pillar of Social Rights?

Free movement of goods and services (B)

Which of the following is a focus area mentioned in the content?

Procedural safeguards in collective redundancies and transfers (C)

Which of the following is a key issue emerging in EU labor law due to the rise of platform work and digitalization?

Lack of clarity regarding worker status and rights for platform workers. (A)

Which EU directive strengthened work-life balance provisions, enhancing parental leave and flexible working arrangements?

Work-Life Balance Directive (2019/1158) (D)

Which of the following is a direct outcome of the Treaty of Rome (1957) in relation to social objectives within the EU?

Introduction of equal pay provisions for men and women. (A)

Which EU directive aims to ensure workers have access to a minimum of 4 weeks of paid leave per year?

Working Time Directive (2003/88/EC) (A)

Which of the following is NOT an emerging issue discussed in the content?

Collective bargaining power in the EU (A)

Which legal document guarantees equality between men and women in all areas within the EU?

Charter of Fundamental Rights of the European Union (C)

What is the main principle established in the Transfer of Undertakings Directive (2001/23/EC) regarding employees' contracts and collective agreements?

They are automatically transferred to the new employer. (D)

How does the Regulation 883/2004 contribute to the social security of mobile workers within the EU?

It ensures that mobile workers can claim and receive their social security benefits regardless of their location. (A)

Which of the following examples BEST exemplifies a concept of 'work of equal value', as interpreted by the CJEU in the context of Article 157 TFEU?

Two employees performing different jobs requiring similar levels of skill and responsibility. (C)

Which EU directive explicitly prohibits discrimination based on racial or ethnic origin in areas such as employment, education, and housing?

Race Directive (2000/43/EC) (A)

Which treaty empowered social partners (trade unions and employers) to negotiate agreements that could be enforced as directives?

Maastricht Treaty (1992) (D)

Which of the following is NOT a protected characteristic covered by the Framework Equality Directive (2000/78/EC) in employment contexts?

Marital Status (C)

What is the main purpose of the proposed Horizontal Equality Directive (COM/2008/0426)?

To provide protection against discrimination in areas beyond employment. (D)

In the case of Feryn, what type of discrimination was established against the employer?

Direct Discrimination (C)

What is the key objective of the Achbita case in relation to discrimination?

To examine the justification of religious neutrality policies under indirect discrimination. (A)

Which of the following scenarios constitutes direct discrimination?

A company refusing to hire a job applicant because of their religion. (A)

Which of the following is NOT a potential justification for direct discrimination?

Personal preferences of the employer (C)

What are the two key criteria for justifying indirect discrimination?

Legitimate aim and proportionate means (C)

When does the burden of proof shift to the respondent in a discrimination case?

When the claimant establishes a prima facie case of discrimination. (C)

Which of the following is NOT a step in the three-step test for assessing discrimination?

Assessing the financial impact of the discrimination. (B)

What is the primary legal basis for EU equality provisions?

Article 19 TFEU (C)

Which directive establishes minimum safety and health requirements for organizing working time?

Working Time Directive (2003/88/EC) (B)

Which of the following circumstances is NOT covered by the scope of the Working Time Directive?

Healthcare professionals (D)

According to the CJEU, which of the following can be considered working time?

On-call time if the worker must be physically present (D)

What is the rationale behind the EU directives aiming to mitigate the social costs of restructuring processes?

To protect workers' rights and involve them in restructuring processes. (B)

What is the key element defining collective redundancies as stated in the Collective Redundancies Directive (98/59/EC)?

Dismissals of a minimum number of workers due to reasons unrelated to individual performance. (A)

What type of information must employers provide to worker representatives during consultation regarding collective redundancies?

Written information about the reasons for redundancy, affected categories, and timeline. (A)

Which of the following is NOT a key concern regarding data protection laws formulated in the 1970s?

The potential for data breaches (D)

The European Convention on Human Rights (ECHR) emphasizes data protection as a key right.

False (B)

Which of these is NOT a reason cited for the need for a new data protection law, like the GDPR, to replace the 1995 Directive?

The need to restrict data processing for public institutions (C)

The concept of "informational privacy" emphasizes:

A right to control the use of personal data (B)

What are the key challenges faced by the Data Protection Directive (1995)? (Select all that apply)

Difficulty addressing rapid technological changes (B), Lack of uniformity in implementation across EU member states (D), Limited resources for enforcement by data protection authorities (E)

Which of these is NOT a reason for the evolution of data protection laws?

A recent shift in focus towards ensuring data security (B)

What are the key aims of the General Data Protection Regulation (GDPR)? (Select all that apply)

To strengthen the rights of individuals regarding their data (A), To replace the 1995 Data Protection Directive (B), To harmonise data protection laws across EU member states (E)

Which international declaration first acknowledged privacy as a fundamental human right?

The Universal Declaration of Human Rights (C)

What are the key mechanisms for ensuring appropriate safeguards under Article 46 of the GDPR?

Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), and Custom Contractual Clauses (B)

What is the purpose of the adequacy decisions issued by the European Commission regarding data transfers to non-EU countries?

To ensure that the level of data protection in the receiving country is equivalent to that in the EU. (A)

According to GDPR Article 77, which of these authorities can individuals file complaints with regarding data protection infringements?

Supervisory authorities in the individual's place of residence, workplace, or location of the infringement. (B)

What is the significance of the Schrems I and II rulings regarding data transfers to the United States?

They invalidated the Safe Harbor and Privacy Shield frameworks due to insufficient data protection standards in the US. (C)

What is the role of Binding Corporate Rules (BCRs) in ensuring data protection within multinational organizations?

They provide a framework for internal rules governing data transfers within a multinational organization. (C)

Which of these is NOT a key responsibility of supervisory authorities under the GDPR?

Enforcing national laws on data protection. (D)

According to Article 83 of the GDPR, what are the maximum fines that can be imposed for violations?

Up to €20 million or 4% of annual global turnover, whichever is higher. (A)

Which of these is NOT a factor considered when determining the severity of a GDPR fine?

The financial loss incurred by individuals due to the violation. (C)

What is the right to judicial remedy under Article 78 of the GDPR?

The right to challenge supervisory authority decisions in court. (C)

What is the significance of the "market-making" and "market-correcting" rationales for labor law?

They show how labor law contributes both to facilitating economic activity and addressing social inequalities. (A)

What is the primary source of EU labor law?

EU Treaties, specifically Articles 151-161 of the Treaty on the Functioning of the European Union (TFEU). (C)

What is the key difference between national and EU labor law in terms of scope?

National law is more comprehensive, while EU law is more specific and focused on particular areas. (D)

What is the significance of the "continuous improvement" language in Article 117 of the Treaty of Rome regarding working conditions?

It emphasizes the need for constant progress and enhancement of working conditions within the EU. (A)

Which of these is NOT an example of a national data protection authority?

European Data Protection Board (C)

Which of the following illustrates a key principle of international data transfer within the EU and EEA?

Personal data can freely move between EU Member States and EEA countries, without restrictions or prohibitions. (B)

According to the GDPR, which of the following is an example of a lawful transfer of personal data from the EU to a third country?

Transfer based on a binding corporate rule (BCR) approved by the relevant supervisory authority (D)

What is the primary purpose of pseudonymization under the GDPR?

To temporarily mask personal data for specific processing tasks, allowing for re-identification with additional information (B)

In the context of the GDPR, what is the key difference between anonymization and pseudonymization?

Anonymization permanently removes all identifiable information, while pseudonymization only masks it. (A)

Which of the following is NOT a requirement for a third country to receive an adequacy decision under the GDPR?

The third country must have a data protection law that is identical to the GDPR (C)

Which of the following rights under the GDPR allows individuals to request the deletion of their personal data in certain circumstances?

Right to Erasure ('Right to Be Forgotten') (B)

The GDPR requires controllers to implement and demonstrate compliance with all its principles. What is this principle known as?

Accountability (C)

Which of the following actions is NOT a technical measure for protecting integrity and confidentiality of personal data under the GDPR?

Data Minimization (D)

Which of the following is a valid example of an organizational policy for protecting integrity and confidentiality of personal data under the GDPR?

Regularly conducting staff training on data protection principles (A)

Which of the following is NOT a valid scenario for data subjects to exercise their right to rectification under the GDPR?

Requesting the removal of their personal data altogether, as they no longer wish to be contacted by the company. (A)

According to the 'Right to Be Forgotten' principle, when can data subjects NOT request the erasure of their personal data?

When the data is necessary for legal claims or regulatory purposes. (D)

Individuals can request restrictions on data processing under the GDPR when:

They believe that the data is inaccurate and they challenge its accuracy (C)

In what circumstances can data subjects object to the processing of their personal data under the GDPR?

When the data is being processed for direct marketing based on legitimate interests (B)

What did the Digital Rights Ireland case (2014) establish as a crucial principle for GDPR compliance?

The principle of proportionality, ensuring measures are appropriate and necessary (B)

The S. and Marper v. UK (2008) case emphasized what key aspect of data retention?

The importance of limiting data retention periods to prevent undue interference with rights (A)

Which of the following is NOT a key GDPR principle emphasized in this content?

Harmonization (B)

Which of the following is NOT a principle of data processing under GDPR's Article 5?

Proportionality (A)

Which of the following is a valid legal basis for processing personal data under Article 6 of the GDPR?

Explicit consent from the data subject. (D)

Which of the following scenarios demonstrates a violation of the purpose limitation principle under Article 5 of the GDPR?

An airline uses passenger data for ticket booking and also shares it with immigration authorities for border control. (B)

Which of the following describes the principle of Data Minimization?

Collecting only the data that is strictly necessary for the intended purpose. (A)

What does the term 'Processor' refer to under GDPR?

A company that processes personal data on behalf of a controller. (B)

In the context of GDPR, what does 'Consent' require?

To be given freely, specifically, informed, and unambiguously. (D)

Applying GDPR's territorial scope, Which of the following scenarios does NOT fall under its jurisdiction?

An individual in the US collecting personal data of their family members for personal use. (B)

According to the CJEU ruling in the Google Spain case, which of the following statements is true?

Data subjects have the right to be forgotten, which includes the erasure of irrelevant or outdated information. (A)

What is the main purpose of the GDPR?

To protect the privacy and rights of individuals with regard to their personal data. (D)

Which of the following factors would NOT be considered when assessing the compatibility of further processing of data for a new purpose?

The size and financial capacity of the organization processing the data. (A)

Which of the following actions is NOT an obligation of a data controller under the principle of Accuracy?

Collecting only the minimum amount of data necessary. (A)

Which of the following examples demonstrates the principle of Purpose Limitation?

An online retailer using customer data to send personalized marketing emails. (B)

Which of the following statements about GDPR's applicability is TRUE?

GDPR applies to organizations within the EU and non-EU organizations that offer goods or services to EU citizens. (A)

Under which principle of GDPR is pseudonymization encouraged?

Data Minimization (D)

What is the primary difference between a Controller and a Processor?

The controller determines the purpose and means of processing data, while the processor processes data on the controller's behalf. (D)

Flashcards

Right to Privacy

Protects individuals' private lives and is rooted in human rights frameworks.

Right to Data Protection

Regulates personal data processing, ensuring individual control over data use.

ECHR

European Convention on Human Rights that formalizes privacy rights in Europe.

Informational Privacy

The right of individuals to control their personal data.

Data Protection Directive (1995)

An effort to unify data protection laws across the EU.

GDPR

General Data Protection Regulation adopted to harmonize EU data protection laws.

Historical Development of Privacy Rights

Chronicles the evolution of privacy rights from the 1948 UDHR to modern laws.

EU Charter of Fundamental Rights

Identifies data protection as a core right within the EU.

Personal Data

Identifiable information related to an individual (name, location, etc.).

Processing

Operations like collection, storage, and erasure of personal data.

Controller

Entity that determines the purpose and means of data processing.

Processor

Entity that processes data on behalf of a controller.

Consent (GDPR)

Freely given, informed agreement for data processing.

Territorial Scope

GDPR applies to EU controllers/processors and non-EU entities targeting EU citizen data.

Material Scope

Covers automated and structured manual data processing systems.

Principles of Data Processing

Guidelines that ensure lawful, fair, and transparent data handling.

Lawfulness (Art. 6)

Processing is legal under specific conditions like consent or contract need.

Purpose Limitation

Data must be collected for specific, legitimate purposes only.

Data Minimization

Collect only data that is adequate, relevant, and necessary.

Accuracy

Personal data must be up-to-date and correct.

Right to be Forgotten

Data subjects can request erasure of irrelevant or outdated information.

Google Spain Case

A ruling supporting the 'right to be forgotten' under the GDPR.

Storage Limitation

Personal data must be kept only as long as necessary for its original purpose.

Anonymization

Irreversibly removing identifiable elements from data, making it outside GDPR's scope.

Pseudonymization

Masking identifiable elements in data, allowing re-identification with additional info.

Accountability (GDPR)

Controllers must show compliance with GDPR principles and maintain records.

Right to Be Informed

Data subjects must receive clear information about data processing at collection.

Right of Access

Subjects can request confirmation and copies of their processed data.

Right to Rectification

Data subjects may request corrections for inaccurate or incomplete data.

Right to Erasure

Data must be deleted when no longer necessary or consent is withdrawn.

Right to Restrict Processing

Subjects can limit processing when data accuracy is contested or unlawful.

Right to Object

Subjects can resist processing based on legitimate interests or public tasks.

Adequacy Decision (GDPR)

A decision by the European Commission that a third country has equivalent protection to EU standards.

Appropriate Safeguards

Measures like Standard Contractual Clauses used when no adequacy decision exists for data transfers.

Derogations (Article 49)

Transfers may occur without an adequacy decision in specific situations like explicit consent.

Digital Rights Ireland Case

Struck down data retention laws for breaching privacy rights, emphasizing proportionality.

S. and Marper v. UK

Ruling highlighted the necessity to limit data retention, focusing on individual rights.

Transfer of Undertakings

Transfer of company parts retaining economic identity through legal means.

Employee Protection

Employment contracts transfer with the employee; dismissals allowed only for specific reasons.

Information and Consultation (Article 7)

Transferor and transferee must consult worker representatives about the transfer.

Employee Rights Post-Transfer

Workers can refuse transfer but lose original employment relationship.

Insolvency Directive Purpose

Ensures minimum employee protection in employer insolvency cases.

Outstanding Claims Guarantee (Article 3)

Member states must pay unpaid wages and severance through guarantee institutions.

Digitalization Challenges

Traditional labor laws struggle with gig and platform work conditions.

Work-Life Balance Directive

Enhances parental leave and flexible working arrangements for employees.

Adequacy Decisions

Decisions by the Commission assessing if non-EU countries ensure adequate data protection.

Schrems I

2014 case where Safe Harbour was invalidated due to US surveillance issues.

Schrems II

2020 case where the EU-US Privacy Shield was invalidated for similar reasons as Schrems I.

Standard Contractual Clauses (SCCs)

Pre-approved contracts ensuring EU data protection standards for non-EU transfers.

Binding Corporate Rules (BCRs)

Internal rules for multinational entities governing intra-group data transfers.

Data Subject Rights

Rights granted to individuals regarding their personal data under GDPR.

Right to Lodge a Complaint

Allows individuals to file complaints with supervisory authorities about data infringements.

Right to Judicial Remedy

Allows individuals to challenge decisions of supervisory authorities in court.

Sanctions under GDPR

Fines imposed by supervisory authorities for violations, based on severity and nature.

Supervisory Authorities

Independent authorities responsible for monitoring GDPR compliance in each Member State.

Compensation for Damages

Right for individuals to claim damages for material or non-material harm from GDPR violations.

International Data Transfers

Moving personal data across borders, regulated by adequacy decisions or safeguards.

Codes of Conduct/Certification

Tools for sector-specific compliance approved by supervisory authorities.

Data Protection Legislation

Laws governing how personal data can be processed and stored.

GDPR Enforcement Mechanisms

Tools and authorities to ensure compliance with GDPR stipulations.

European Social Fund

A fund established to support employment and social inclusion across the EU.

Maastricht Treaty

A treaty that empowered social partners and established key social directives.

Free Movement of Workers

Article 45 TFEU that prohibits discrimination based on nationality for workers.

Equal Treatment Directive

Directives ensuring non-discrimination based on race and gender.

Working Time Directive

Regulates working hours, including a 48-hour maximum work week.

Social Security Coordination Regulation

Regulation ensuring that mobile workers maintain their social security benefits.

Platform Work Directive

Proposed directive to improve working conditions in the gig economy.

Charter of Fundamental Rights

Document that includes the right to non-discrimination based on various grounds.

Article 157 TFEU

Establishes the principle of equal pay for equal work in the EU.

Recast Directive 2006/54/EC

A comprehensive framework addressing gender equality at work.

Race Directive 2000/43/EC

Prohibits racial discrimination in the employment sector.

Amsterdam Treaty

Introduced measures to combat discrimination and advanced social policies.

Emerging Challenges in Labour Law

Current issues like platform work and digitalization affecting workers' rights.

Social Pillar of Social Rights

Framework promoting equal opportunities and fair working conditions.

Case Law in EU Equality

Landmark rulings that interpret and expand EU equality law.

Framework Equality Directive

EU directive covering religion, disability, age, and sexual orientation in employment.

Horizontal Equality Directive

Proposed directive aimed to extend anti-discrimination protections beyond employment.

Direct Discrimination

Unfavorably treating someone because of a protected characteristic.

Indirect Discrimination

Neutral rules that disproportionately disadvantage individuals with a protected characteristic.

Harassment

Unwanted behavior violating a person's dignity or creating a hostile environment.

Burden of Proof

Responsibility on the respondent to prove no violation occurred after a claim.

Three-Step Test

A method to assess discrimination cases through protected characteristics, treatment, and justification.

Daily Rest Requirement

Workers entitled to at least 11 consecutive hours of rest in a 24-hour period.

Collective Redundancies Directive

Regulates dismissals of multiple workers for economic or structural reasons.

Transfer of Undertakings Directive

Protects workers' rights when a business is transferred to a new owner.

Maximum Working Hours

Capped at an average of 48 hours per week over a four-month period.

Rest Breaks Regulation

Mandates breaks for working days exceeding 6 hours.

Consultation Obligations

Employers must consult worker representatives before implementing redundancies.

CJEU Interpretations

European Court of Justice rulings on how working time laws apply affects workers.

Study Notes

Introduction to Data Protection and the GDPR

• Privacy vs. Data Protection: Privacy protects individuals' private lives, rooted in human rights frameworks like the ECHR. Data protection regulates personal data processing, ensuring control over data use.

• Historical Development of Privacy Rights: International milestones include the UDHR (1948) and ECHR (1950), recognizing privacy as a fundamental right. Evolution in Europe addressed privacy in the context of rebuilding a fair, democratic society.

• Technological Advancements and Privacy: Technology improves efficiency, communication, and societal productivity, but increases data collection and processing capacity. "Informational privacy" is a concept emphasizing individual control over personal data.

• Evolution of Data Protection Laws: Early laws (1970s) addressed misuse of personal information by public authorities and corporations. The EU recognized data protection as a fundamental right (TFEU, Charter of Fundamental Rights).

• EU Data Protection Laws: Key Milestones: The 1995 Data Protection Directive aimed for EU-wide uniformity but lacked consistency and enforcement due to implementation variations and rapid technological change. The 2016 GDPR replaced and strengthened the directive, harmonizing data protection across member states.

• GDPR: Core Elements: The GDPR defines "personal data" as any identifiable information relating to an individual. "Processing" includes operations like collection, storage, and erasure of data. "Controller" determines the processing purpose and method; "processor" handles data on behalf of the controller. 

• Consent (Article 4): Consent requirements are freely given, specific, informed, and unambiguous, via clear affirmative action (opt-in); data subjects can withdraw consent.

• Territorial Scope (Article 3): Applicable to EU controllers and processors regardless of data processing location, including non-EU entities offering goods/services to EU citizens or monitoring their actions.

• Material Scope (Article 2): The GDPR covers automated and structured manual data processing systems but excludes personal and household activities or public security/criminal law-related processing.

• Principles of Data Processing (Article 5): Lawfulness, fairness, and transparency ensure ethical data handling. Data must be limited to specific, legitimate purposes, minimized in quantity, accurate, limited in storage duration, secure in integrity and confidentiality; and under accountability by controllers.

GDPR Principles & Rights of Data Subjects

• Principles of Data Processing: The GDPR requires all data processing to adhere to fairness, transparency, and security principles.

• Lawfulness, Fairness, and Transparency: Processing is lawful only if one of six conditions applies: Consent, contractual necessity, legal obligation, vital interests, public interest, or legitimate interests (balanced against data subject rights). Fairness involves avoiding negative surprises; transparency requires clear communication of processing activities.

• Purpose Limitation: Data must be collected for explicit, legitimate purposes; further processing for compatible purposes is acceptable without new consent (based on compatibility factors and appropriate safeguards).

• Data Minimization: Collect only necessary data, implementing privacy-enhancing techniques like pseudonymization to mitigate identification risk.  A proportionality test balances the processing purpose against potential impact on the data subject's rights.

• Accuracy: Ensure data accuracy and up-to-date; rectify mistakes promptly and verify data regularly or periodically.

• Storage Limitation: Retain data only as long as needed for its purpose; erase or anonymize data after use. Anonymization removes identifiers, while pseudonymization masks them but allows re-identification.

• Integrity and Confidentiality: Protect data from unauthorized access, loss, or breaches through technical measures (e.g., encryption) and organizational policies (e.g., staff training). 

• Accountability: Controllers are responsible for implementing and demonstrating compliance through records of processing activities and regular audits. 

• Rights of Data Subjects: The GDPR strengthens data subject rights, enabling control over personal information.

• Right to be Informed: Controllers must provide detailed information about data processing, including identity, purpose, recipients, retention periods, and data subject rights.

• Right of Access: Allows data subjects to request confirmation of data processing, a copy of personal data, details about processing purposes and recipients, and retention periods, and rights to rectification, erasure, or objection.

• Right to Rectification: Subjects can correct inaccurate data.

• Right to Erasure (“Right to Be Forgotten”): Data erasure when no longer needed, consent is withdrawn, processing is unlawful, or subject objects without overriding grounds preventing erasure.

• Right to Restrict Processing: Subjects can restrict processing if data accuracy is disputed, processing is unlawful but erasure is opposed, or data is needed for legal claims.

• Right to Object: Subjects can object to processing primarily based on legitimate interests (e.g., direct marketing) or when processing is performed in the public interest.

• Pseudonymization vs. Anonymization: Pseudonymization masks data for re-identification with further information, while anonymization removes all identifiers permanently.

International Data Transfers and Enforcement Mechanisms

• International Transfer of Personal Data: Data transfer within the EU/EEA is free, but transfers to third countries require compliance through adequacy decisions or appropriate safeguards (e.g., SCCs, BCRs).

• Adequacy Decisions: The European Commission evaluates whether a third country provides an adequate level of data protection equivalent to EU standards. 

• Appropriate Safeguards: If no adequacy decision exists, data exporters use safeguards like Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs).

• Schrems Saga: Key cases, Schrems I and II, invalidated the Safe Harbour and EU-US Privacy Shield frameworks due to insufficient safeguards against US surveillance.

• GDPR Enforcement Mechanisms: Supervisory authorities monitor GDPR compliance, investigate complaints, conduct audits, and impose fines.

• Data Subject Rights: Individuals can file complaints with supervisory authorities; rights to judicial remedy and compensation for GDPR violations exist.

• Sanctions (Article 83 GDPR): Enforcement includes significant fines (up to €20 million or 4% global turnover) based on factors including the gravity of the infringement, duration, number of affected subjects, and cooperation during investigations.

• Supervisory Authorities: Independent bodies in each member state responsible for investigations, enforcement, and imposing fines and corrective actions.

EU Equality Law

• Development and Sources of EU Equality Law: Started with equal pay for men and women (Article 119 EEC/ 157 TFEU), expanded through the Amsterdam Treaty (Article 19 TFEU), and the Charter of Fundamental Rights.

• Article 157 TFEU: Directly effective, ensuring equal pay for work of equal value (includes severance, travel, and pension provisions).

• Equality Beyond Gender: Article 19 TFEU combats discrimination based on race, religion, disability, age, and sexual orientation.

• Common Concepts and Tests for Discrimination: EU law recognizes direct and indirect discrimination, harassment, and instructions to discriminate; it considers justifications (e.g., genuine occupational requirements).

• Types of Discrimination: Direct discrimination treats someone differently because of a protected characteristic; Indirect discrimination uses neutral provisions that disadvantage people with protected characteristics. Harassment and instructions to discriminate are also prohibited.

• Tools for Assessing Discrimination: The three-step process for discrimination analysis involves confirming if the case involves discrimination, determining if direct or indirect discrimination has occurred, and evaluating if the treatment can be justified.

• Burden of Proof: The claimant initially demonstrates discrimination; the respondent proves that no violation occurred.

EU Labour Law – Working Time and Workers’ Rights in Restructuring Processes

• Working Time Regulation: The Working Time Directive (2003/88/EC) sets maximum working hours, rest periods, and paid leave; it aims to improve worker safety and health. Key provisions include daily/weekly rest, maximum weekly hours, and minimum annual leave.

• Collective Redundancies Directive (98/59/EC): Protects employees during redundancies; Employers must consult worker representatives. Public notification of redundancies (number of workers, reasons) are required.

• Transfers of Undertakings Directive (2001/23/EC): Ensures employee rights transfer with corporate ownership changes. Consultations are required, and dismissals must be justified on economic, technical, or organizational grounds unrelated to employee identity.

• Insolvency Directive (2008/94/EC): Guarantees minimum protection for employees during employer insolvency, covering outstanding wages/contributions and ensuring contributions are paid. Cross-border insolvency cases determine which state’s regulations apply.

• Emerging Issues: Digitalization, platform work, and work-life balance impact workers' rights requiring adjustments to existing regulations. Psychosocial risks (mental health in the workplace) are also emerging as concerns.