Robin Nini

AD Article

Toward a Two-Tier Liability Regime for Online Platforms? Analysis of the CJEU’s Russmedia Decision

In a judgment dated 2 December 2025, the Court of Justice of the European Union held a marketplace operator liable for the unlawful processing of sensitive data published in a user’s advertisement. The CJEU ruled that the operator is responsible for the processing of advertisements published on its platform and must verify, prior to publication, whether they contain sensitive data and whether their processing complies with the GDPR.

AD Article

Entry into force of Directive (EU) 2019/882: accessibility by design.

The European Directive on the accessibility of products and services (commonly known as the EEA Act) requires businesses to incorporate accessibility into the design of their digital and physical offerings. This is a legal imperative that anchors an essential ethical requirement. It came into force on 28 June 2025.

AD Deal

August Debouzy advised Quable in its merger with Ibexa

August Debouzy advised Quable, a recognized specialist in Product Information Management (PIM), as well as its shareholders, in the context of its merger with Ibexa, a subsidiary of the European MarTech group QNTM and an expert in Digital Experience Platforms (DXP). Following this transaction, Ibexa has become the majority shareholder of Quable.

AD Article

GDPR and AI: A Case Study of Extraterritorial GDPR Application with Clearview AI Decisions

By three decisions issued by the Italian, French, and Dutch data protection authorities, Clearview AI has been sanctioned for numerous violations of the GDPR. Beyond the violations committed by the company, these decisions illustrate the broad extraterritorial scope of the GDPR, which applies to a company that (i) has no establishment in the European Union and (ii) does not offer goods or services in the Union. The authorities deemed that the GDPR applies to the company’s processing because its database contains photographs of European residents collected from publicly accessible sources, allowing for ‘behavioral monitoring’ within the European Union (Article 3.2 (b)). These conclusions could apply to any artificial intelligence system that collects massive amounts of personal data, regardless of the provider's location or target market.