readenglishbook.com » Law » GDPR Articles With Commentary & EU Case Laws, Adv. Prashant Mali [books to read as a couple .txt] 📗

Book online «GDPR Articles With Commentary & EU Case Laws, Adv. Prashant Mali [books to read as a couple .txt] 📗». Author Adv. Prashant Mali



1 ... 42 43 44 45 46 47 48 49 50 ... 71
Go to page:
express arguments and justifications in what respect the transfer of the data was necessary to satisfy the public interest which he invoked, nor that the transfer would have been proportionate to his aims.

Further, the Parliament was not required to weigh the interests invoked by the applicant against those of MEPs, or to determine whether there was any reason to assume that the legitimate interests of those MEPs might have been prejudiced by such transfer. Thus, no manifest error that the Parliament might have made in weighing up interests has any bearing in this case on the lawfulness of the decision.

Article 4(1)(b): This is an indivisible provision requiring the institution concerned always to examine and assess any undermining of privacy and the integrity of the individual in conformity with Regulation 45/2001.

 

T-190/10, EGAN & HACKETT V. EUROPEAN PARLAMENT, 28.3.2012 (“EGAN & HACKETT”)

Application for annulment of European Parliament decision denying access to certain documents. The applicants, who had worked for former MEPs, requested access to certain documents, which they stated they needed to commence legal proceedings. Among the documents requested were lists of assistants open for public inspection since 1984. Access was denied to the list on grounds of Article 4(1)(b) of Regulation 1049/2001 and Regulation 45/2001, except that lists open to the public during the period of professional activity of the persons.

Scope of Regulation 45/2001: Neither Article 2(3) of Regulation 1049/2001, nor Article 3(2) of Regulation 45/2001, nor any other provision, contains any restriction such as to exclude from their respective scopes documents, which were, but are no longer, available.

Access: The Parliament systematically took the view that the public should not have access to documents revealing the identity of former MEP assistants. It did not carry out an examination to show that the access would specifically and effectively undermine their privacy within the meaning of the provisions in question, nor did it verify whether the risk of the protected interest being undermined was reasonably foreseeable and not purely hypothetical. Thus, it failed to show to what extent disclosure would specifically and effectively undermine the right to privacy.

Sensitive data: The argument that release of names of former MEP assistants would reveal their political opinions and therefore constitute sensitive data was not substantiated and cannot make up for the fact that the contested decision failed to show why disclosure would specifically and effectively undermine their right to privacy within the meaning of Article 4(1)(b) of Regulation 45/2001.

 

T-115/13, DENNEKAMP V. EUROPEAN PARLIAMENT (15.7.2015) (“DENNEKAMP II”)

Application for annulment of European Parliament decision refusing to grant access to documents under Regulation 1049/2001 relating to the affiliation of certain MEPs to the additional pension scheme. This case is related to case T-82/09, Dennekamp v. European Parliament, 23.11.2011. After receiving the judgment in that case, the applicant submitted a new request for access to four categories of documents relating to affiliation of certain MEPs to the additional pension scheme. He stated in the application that there was an objective necessity for the personal data to be transferred, relying on a broad public interest in transparency and how decisions were taken; that it was of the utmost importance for European citizens to know which MEPs had a personal interest in the additional pension scheme which involved the use of considerable public funds; and in the confirmatory application, he relied on the rights to information and freedom of expression. The EP denied access to three of the four categories, and confirmed the decision in response to the applicant’s confirmatory application. The applicant sought annulment of the EP’s decision.

Transfers: Articles 7-9 of Regulation 45/2001 precisely limit the possibility of transferring personal data so as to make it subject to strict conditions which, if not fulfilled, prohibit any transfer. Those conditions always include the necessity of the transfer in the light of various aims.

Balancing fundamental rights: If the applicant has established necessity, and the institution decides there is no reason to assume that DS’ legitimate interests may be prejudiced, the data may be transferred and the documents are to be made available to the public. To fulfill the condition of necessity under that article, an applicant for access to documents containing personal data must establish that the transfer of personal data is the most appropriate of the possible measures for attaining the applicant’s objective, and it is proportionate to that objective, which means the applicant must submit express and legitimate reasons to that effect. This strict interpretation cannot be regarded as creating a broad exception to the fundamental right of access to documents, which would result in an unlawful restriction of that right. Rather, it reconciles two fundamental yet opposing rights, the institution being required also to examine whether the legitimate interests of the data subjects might be prejudiced by the transfer. The general nature of the justification for transfer has no direct effect on whether the transfer is necessary for the purposes of attaining the applicant’s aim.

Here the applicant made two arguments to establish necessity. First, that necessity was based on the right to information and freedom of expression. These are not sufficient to establish that the transfer is the most appropriate of the possible measures for attaining the objective, or that it is proportionate to that objective. Moreover, the applicant did not make clear in what respect transferring the names of the MEPs participating in the scheme was the most appropriate measure for attaining the objective he had set for himself. He merely asserted that the measures designed to provide public control over public expenditure in the context of the additional pension scheme, like the discharge procedure, did not protect the fundamental right to information and to communicate it to the public. From this it cannot be determined in what respect the transfer would be the most appropriate measure, or how it is proportionate.

Second, the applicant argued that the transfer of personal data is necessary to determine whether MEPs’ voting behavior regarding the additional pension scheme is influenced by their financial interest, and disclosure of all the names of the MEPs participating in the scheme would be the only way for the public to hold its representatives accountable for their actions in relation to the scheme. The court agreed that the transfer is the only measure by which the applicant’s aim can be attained; no other measure is capable of ensuring that MEPs facing a potential conflict of interest are identified. Further, it is proportionate for this purpose.

The EU institution or body in receipt of the application must refuse the transfer if there is the slightest reason to assume that the data subjects’ legitimate interests would be prejudiced. MEPs as public figures have chosen to expose themselves to scrutiny by third parties, particularly the media and general public, even if such choice in no way implies that their legitimate interests must be regarded as never being prejudiced by a decision to transfer their data. Thus, they have generally already accepted that some of their personal data will be disclosed to the public. That must be taken into account when assessing the risk of prejudice to their legitimate interests. Particular consideration should be given to the link between the personal data at issue and their mandate, and to the legal and financial commitment of the EP to the scheme. In view of the importance of the interests invoked here, which are intended to ensure the proper functioning of the EU by increasing the confidence that citizens may legitimately place in the institutions, the legitimate interests of the MEPs who are members of the scheme cannot be prejudiced by the transfer of personal data at issue.

An institution, which refuses access on the ground of prejudice to legitimate interests must state reasons for invoking such interests. The institution must explain how disclosure of a document could specifically and actually undermine the interest protected by the exception. The explanation cannot consist of a mere assertion that access would undermine privacy. Examination of the specific and actual nature of the undermining of the interest under Article 4(1)(b) of Regulation 1049/2001 is in dissociable from the assessment of the risk that the legitimate interests of the data subject referred to in Article 8(b) of Regulation 45/2001 which,

 

through the disclosure to the public, might be prejudiced by the transfer of personal data.

 

T-496/13, MCCULLOUGH V. CEDEFOP (11.6.2015)(“MCCULLOUGH”)

Application for annulment of Cedefop’s decision refusing access to documents. The applicant, who had been employed by Cedefop, requested access to the minutes of all meetings of various internal groups for a specified period stating that he needed them to prepare his defence in legal proceedings between him and Cedefop pending before the Greek courts. Access was denied on the basis of Article 4(1)(b) and 4(3), and on grounds that Cedefop was not in possession of some of the requested documents, in response the initial and confirmatory applications. Regarding minutes of the Governing Board and its Bureau, Cedefop considered that the names of the members which were contained in those minutes constituted personal data protected by Regulation 45/2001, and access could lead to a serious violation of the privacy and integrity of the members, as their opinions would be clearly shown in the documents. The applicant argued that the names and functions of the members of Cedefop’s Governing Board and Bureau are not personal data and that Cedefop’s statement that disclosure of the members opinions and views would violate their privacy is contrary to the principle of transparency (among others).

Definition of personal data: Surnames are personal data and therefore are protected by Regulation 45/2001. The fact that the members of Cedefop’s decision- making bodies participated in the meetings of those bodies in connection with the exercise of their public duties and not in the private sphere, and that the surnames were published in the OJ or on the internet, does not affect the characterization of the surnames as personal data.

Transfer: Applicant cannot be deemed to have proved the necessity of having the personal data at issue transferred. The only justification provided was to supplement his written defence before the Greek Examining Magistrate. Applicant did not provide any information or justification as to how the submission of the requested documents containing that data would affect the Greek proceedings, the risks to which he would be exposed in procedural terms, and the merits of his defence if the documents were not submitted to the Greek Magistrate.

Article 4(1)(b): Exceptions under Article 4 must be interpreted and applied strictly. An institution refusing access must explain how disclosure of that document could specifically and actually undermine the interest protected by the exception. Fact that a document concerns an interest protected by an exception is not of itself sufficient to justify application of that exception. Rather, it is necessary for institution to have previously determined (1) that the document would specifically and actually undermine the protected interest and (2) that the risk of the protected interest being undermined is reasonably foreseeable and not purely hypothetical. Institution must explain how granting access to the document could specifically and actually undermine the interest protected by the exception under Article 4(1)(b).

 

Here, Cedefop simply states that the persons concerned are protected as individuals and any access would lead to a serious violation of the privacy and integrity of the individual as they clearly demonstrated the opinions and views of the members on the subject matters discussed. However, Cedefop neither carried out an examination demonstrating that granting access to those documents would specifically and actually undermine the privacy of those members within the meaning of Article 4(1)(b), nor verified whether the risk of the protected interest being undermined was reasonably foreseeable and not purely hypothetical. It is not apparent how the opinions and views expressed could fall within the sphere of their privacy, since those meetings were professional.

 

 

1 ... 42 43 44 45 46 47 48 49 50 ... 71
Go to page:

Free e-book «GDPR Articles With Commentary & EU Case Laws, Adv. Prashant Mali [books to read as a couple .txt] 📗» - read online now

Comments (0)

There are no comments yet. You can be the first!
Add a comment