Data protection: JURI shortlist

From La Quadrature du Net
Revision as of 18:01, 4 March 2013 by Arthur

This page reproduces and completes EDRi's analysis of the JURI amendments to reject and to support.

Amendments to reject

Amendment 22 - Anonymisation

Article 4 - Definitions

  • (2a) ‘data rendered sufficiently anonymous’ means data, the information on personal or material characteristics contained in which can no longer be associated with an identified or identifiable individual or could only be so associated at a disproportionate cost in terms of time and financial and human resources;


EDRi's analysis: The problem with this formulation is that with technological progress, the means for de-anonymising data advance quickly. In other words: it is likely that measures that are 'disproportionate' today will not be 'disproportionate' in several years, which removes the increased legal certainty that the amendment was intended to create.


Amendment 24 - Legitimate interest

Article 6 - Lawfulness of processing

  • 1. Processing of personal data shall be lawful only if and to the extent that at least one of the following applies:
    • (a) the data subject has given consent to the processing of their personal data for one or more specific purposes;
    • ...
    • f) processing is necessary for the purposes of the legitimate interests pursued by a controller or by a third party or third parties to whom the data are communicated, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. This shall not apply to processing carried out by public authorities in the performance of their tasks.


EDRi's analysis: This formulation decreases control of citizens over their personal data, as data may be used by (unknown) third parties without citizens' consent.


Amendment 36 - Right to data portability

Article 18 - Right to data portability

  • 1. The data subject shall have the right, where personal data are processed by electronic means and in a structured and commonly used format, to obtain from the controller a copy of data undergoing processing in an electronic and structured format which is commonly used and allows for further use by the data subject.
  • 2. Where the data subject has provided the personal data and the processing is based on consent or on a contract, the data subject shall have the right to transmit those personal data and any other information provided by the data subject and retained by an automated processing system, into another one, in an electronic format which is commonly used, without hindrance from the controller from whom the personal data are withdrawn.
  • 3. The Commission may specify the electronic format referred to in paragraph 1 and the technical standards, modalities and procedures for the transmission of personal data pursuant to paragraph 2. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 87(2).


EDRi's analysis: [It] suggests the deletion of the right to data portability. The JURI Committee should follow the ITRE vote and adopt the right to port your data in interoperable formats.


Amendment 114 - Consent

Article 4 - Definitions

  • (8) ‘'the data subject's consent’' means any freely given specific, informed and explicit indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed form of statement or conduct by the data subject indicating assent to the data processing proposed. Silence or inactivity does not in itself indicate acceptance;


EDRi's analysis: The definition of "consent" should not be changed. Allowing implicit consent will lead to a 'race to the bottom', allowing for consent as pre-ticked boxes or as part of general terms and conditions.


Amendment 144 - Purpose limitation

Article 5 - Principles relating to personal data processing

  • Personal data must be:
    • (a) processed lawfully, fairly and in a transparent manner in relation to the data subject;
    • (b) collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes;
    • ...

Article 6 - Lawfulness of processing

  • 1. Processing of personal data shall be lawful only if and to the extent that at least one of the following applies:
    • (a) the data subject has given consent to the processing of their personal data for one or more specific purposes;
    • ...
    • f) processing is necessary for the purposes of the legitimate interests pursued by a controller, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. This shall not apply to processing carried out by public authorities in the performance of their tasks.
  • ...
  • 4. Where the purpose of further processing is not compatible with the one for which the personal data have been collected, the processing must have a legal basis at least in one of the grounds referred to in points (a) to (e) (f) of paragraph 1. This shall in particular apply to any change of terms and general conditions of a contract.


EDRi's analysis: This amendment weakens the principle of purpose limitation (see Article 5 (b)) by allowing use of personal data for unrelated and incompatible purposes. Purpose limitation, as one of the main pillars of data protection, should not be weakened.

Explanation: A data subject may agree to have his data collected for a specified and specific purpose. These data then cannot be processed in a way incompatible with this purpose, except in five limited cases: new consent is given, the data subject is party to a contract which requires this processing, his vital interests are at stake or public interest demands this processing. This amendment extends these narrow exceptions to the broad and dangerously vague concept of legitimate interest.


Amendment 227 - Profiling

Article 20 - Measures based on profiling

  • 1. Every natural person shall have the right not to be subject to a measure which produces legal effects concerning this natural person or significantly affects this natural person, and which is based solely on automated processing intended to evaluate certain personal aspects relating to this natural person or to analyse or predict in particular the natural person's performance at work, economic situation, location, health, personal preferences, reliability or behaviour.
  • 2. Subject to the other provisions of this Regulation, a person may be subjected to a measure of the kind referred to in paragraph 1 only if the processing:
    • (a) is carried out in the course of the entering into, or performance of, a contract, where the request for the entering into or the performance of the contract, lodged by the data subject, has been satisfied or where suitable measures to safeguard the data subject's legitimate interests have been adduced, such as the right to obtain human intervention; or
    • (b) is expressly authorized by a Union or Member State law which also lays down suitable measures to safeguard the data subject's legitimate interests; or
    • (c) is based on the data subject's consent, subject to the conditions laid down in Article 7 and to suitable safeguards lawful pursuant to Article 6(1) (a) to (f) of this regulation.


EDRi's analysis: This would effectively remove all additional protections against profiling, rendering the right not to be subject to it void. It would for example include "legitimate interests" of the controllers and would also grant public sector controllers wide discretion to engage in profiling.


Amendments to support

- AM 107 – Article 4 – 1 : This amendment improves the Commission wording by pointing out that being able to "single out" a person is enough for the data to be considered personal data.

- AM 135 – Article 6-1-f : Given the slippery nature of the concept of "legitimate interest", it would be best to remove this ground for processing - or at least additional safeguards should be put in place to allow this clause only as a measure of last resort when no other legal ground for data processing exists. It should also be justified and communicated to the public before it is used.

- AM 211 – Article 18 : This improves the right to data portability. Requiring interoperable formats prevents controllers from providing data in formats that would create a “lock-in effect” or even tie users to possibly expensive proprietary formats.

- AM 221: This amendment clarifies that profiling of citizens should be properly regulated, both on- and offline.

- AMs 223-225 : These amendments improve the Commission's proposal by providing better safeguards regarding profiling.

- AM 345 – Article 44 a (new) on transfers to third countries. This amendment provides good additional protection against third countries that wish to enforce their laws against European citizens.