In Fashion ID, the Court of Justice of the European Union (‘CJEU’) held that an operator of a website featuring a Facebook ‘Like’ button is a data controller under EU Directive 95/46 (‘Directive’) jointly with Facebook in respect of the collection and transmission of the personal data of website visitors to Facebook, but Facebook alone is a data controller for any subsequent data processing. While the CJEUs expansive interpretation of joint controllership aims to leave ‘no gaps’ in the protection of individuals, we question whether the proposed solution to ‘fragment’ controllership into different stages of processing helps to achieve that goal. We argue that CJEUs ‘fragmented’ approach is incompatible with the GDPR, as it does not reveal the intended purposes of data processing, and thus negates informed and specific consent. We suggest that such ‘fragmentation’ undermines the consistency, predictability and transparency of EU data protection law by obscuring the pervasiveness of data commodification in the digital economy.

中文翻译：

---

当“赞”不是“赞”时：一种新的零散数据管理方法

在Fashion ID中，欧盟法院（'CJEU'）裁定，具有Facebook“赞”按钮的网站的运营商是欧盟指令95/46（“指令”）与Facebook共同的数据控制者。尊重网站访问者的个人数据到Facebook的收集和传输，但Facebook本身就是任何后续数据处理的数据控制者。尽管欧洲法院对联合控制权的广泛解释旨在在保护个人方面不遗余力，但我们质疑将“碎片化”控制权纳入不同处理阶段的提议解决方案是否有助于实现该目标。我们认为CJEU的“碎片化”方法与GDPR不兼容，因为它无法揭示预期的数据处理的目的，因此否定了知情的和特定的同意。我们认为，这种“碎片化”破坏了数字经济中数据商品化的普遍性，从而破坏了欧盟数据保护法的一致性，可预测性和透明度。