SlideShare ist ein Scribd-Unternehmen logo

Track H - Cristina Dos Santos

Als PPTX, PDF herunterladen
ePSI Platform
ePSI Platform

How to combine personal data protection with the openness of PSI?

TechnologieNews & Politik
1 von 10
How to combine the protection of personal data with the “openness” of Public Sector Information? ePSIplatform Conference 2012 16th March 2012, Rotterdam Cristina Dos Santos Senior Researcher at CRIDS– University of Namur (Belgium)
Legal issues - 1 Public sector collects, produces, reproduces and disseminates a wide range of information in many areas of activity: social, economic, geographical, weather, tourist, business, patent, taxes, educational information, …  Directive 2003/98/EC (PSI Directive) Most of this information can be considered as „personal data‟, i.e. any information relating to an identified or identifiable natural person (the „data subject‟)  Directive 95/46/EC (Data Protection Directive) 2 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
Legal issues - 2 As a result, we have to combine the application of both legislations when personal data are at stake Current provisions of PSI Directive related with DP:  Recital (21) : « …implemented and applied in full compliance with the principles relating to the protection of personal data in accordance with [Data Protection Directive] »  Article 1 (4) : « …leaves intact and in no way affects the level of protection of individuals with regard to the processing of personal data … and in particular does not alter the obligations and rights set out in [Data Protection Directive] »  Article 2 (5) : « personal data means data as defined in Article 2 (a) of [Data Protection Directive] » 3 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
LAPSI Thematic Network WG on “Privacy Aspects of PSI” Current conclusions of the working group reflections:  No real need to review these articles of PSI Directive as regards data protection…  however, in practice, there still areheterogeneity of practices & legal uncertainty…  Need to modify or complete the PSI Directive provisions, in order to provide more « guidance » to Member States! Sources : http://www.lapsi-project.eu/(LAPSI European Thematic Network) &http://www.lapsi-project.eu/wiki/index.php/Working_Group_02 (Draft “Policy Recommendation”) 4 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
Example of “bad transposition”?… Belgium:  Transposition of PSI Directive at several levels: e.g. Federal Law of 7 March 2007 about re-use of PSI  its Article 4 imposes the systematic anonymisation of data subjects!  several « sectoral committees » (article 36bis L. 1992) have been created within the Belgian data protectionauthority – la Commission de la Protection de la Vie Privée (CPVP): any “interested person” could request to them an authorization to receive electronic disclosure of personal data hold by a [public body]…  possibility of re-use as intended by PSI Directive?  inconsistency between both legal regimes?!  A Federal Commission of Appeal on re-use has been created since 2009  still no cases… is there a re-use of PSI market?!  Example: the Crossroad Bank for Enterprises (BCE), … 5 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
Example of a “mix of solutions”… France:  Transposition of PSI Directive by the Law n°78-753 of 17 July 1978 (also called « CADA Law ») : authorizes re-use of personal data in 3 cases: • when the data subject has given his/her consent, or • when the personal data have been anonymised, or • when a legislative rule or regulation allows it  The French Data Protection authority – la CNIL – could also oblige possible re-users to address a prior request of authorization for personal data gathered by public bodies E.g.: for public archives the CNIL excludes the re-use of sensitive data and the entries made in the margins of the civil status‟ acts, but it authorizes commercial re-use following the respect of some « precautions »… 6 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
Recommendation - 1 PSI Directive could make more references to the obligationsof the data controllers within PSI Directive, e.g.:  Article 7 on „transparency‟: should suggest the establishment of a clear and (when possible) specific « privacy policy » and/or an « information document » by PSI holders about possibilities of re-use of personal data  Article 8 about „licenses‟: should remind the respect of privacy & data protection principles and obligations when the license is established by a public body 7 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
Recommendation - 2 A clear reference to national Data Protection supervisory authorities (NSAs) should be made, in order to « invite » (oblige?) potential re-users to address them their requests of re-use of PSI when personal data are at stake! Examples of « best practices » already exist (within EU institutions under EDPS guidance, in some national « combined-authorities », etc.)  Art.29 WP is the “right arena” to discuss about an “harmonized” solution (need to update its WP 83 (2003!) 8 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
Other “possible” solutions… Technical measures: Privacy by Design, PETs…  pseudonymisation, anonymisation? “Soft-law” policies (national and regional level): • “Proactive approach” of public bodies (EDPS‟ Background paper on access) • Data Protection Officers (solution of new DP Regulation!), under the control of NSAs • Codes of Conduct (at sectoral levels) • Privacy policies for openness (case-by-case approach)… Source:Bassi, Dos Santos & Fernández Salméron, Data Protection and re-use of PSI: towards a possible compromise?, CPDP 2012 9 ePSIplatformConference 2012 - Rotterdam, 16th March 2012
Thank you for your attention! Cristina Dos Santos Senior Researcher at CRIDS All comments are welcome at: http://www.lapsi-project.eu/get-involved Or by mail: cristina.dossantos@fundp.ac.be 10 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012

Empfohlen

Privacy, Social Network Sites and the law
Privacy, Social Network Sites and the lawPrivacy, Social Network Sites and the law
Privacy, Social Network Sites and the lawdariphagen
 
Privacy and Data Protection in Research
Privacy and Data Protection in ResearchPrivacy and Data Protection in Research
Privacy and Data Protection in ResearchMarlon Domingus
 
Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013IgorMate
 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDavid Erdos
 
Kees stuurman
Kees stuurmanKees stuurman
Kees stuurmanAtıf ÜNALDI
 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUDavid Erdos
 
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security PrinciplesLisa Catanzaro
 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...John Nas
 

Empfohlen

Privacy, Social Network Sites and the law
Privacy, Social Network Sites and the lawPrivacy, Social Network Sites and the law
Privacy, Social Network Sites and the lawdariphagen
 
Privacy and Data Protection in Research
Privacy and Data Protection in ResearchPrivacy and Data Protection in Research
Privacy and Data Protection in ResearchMarlon Domingus
 
Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013IgorMate
 
Dead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDead Ringers? Legal Persons & the Deceased in European Data Protection Law
Dead Ringers? Legal Persons & the Deceased in European Data Protection LawDavid Erdos
 
Kees stuurman
Kees stuurmanKees stuurman
Kees stuurmanAtıf ÜNALDI
 
Constitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUConstitutional Privacy and Data Protection in the EU
Constitutional Privacy and Data Protection in the EUDavid Erdos
 
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security PrinciplesLisa Catanzaro
 
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...
Cloud4eu - WhitePaper - OnChallengeofAcceptanceofCloudSolutionsinEUPublicSect...John Nas
 
Sible 09
Sible 09Sible 09
Sible 09lilianedwards
 
Right to be forgotten final paper
Right to be forgotten final paperRight to be forgotten final paper
Right to be forgotten final paperreporter1120
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiKrowdthink
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for TechiesLilian Edwards
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012lilianedwards
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
Lars Mortsiefer
Lars MortsieferLars Mortsiefer
Lars MortsieferTackling Doping In Sport
 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India SadanandGahivare
 
Latest news from the ePSI Platform studies
Latest news from the ePSI Platform studiesLatest news from the ePSI Platform studies
Latest news from the ePSI Platform studiespsi_alliance
 
ePSIplatform Observations
ePSIplatform ObservationsePSIplatform Observations
ePSIplatform ObservationsePSI Platform
 
Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfAndrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
The 2018 European Commission Data Package
The 2018 European Commission Data PackageThe 2018 European Commission Data Package
The 2018 European Commission Data PackageJean-François Dechamp
 
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data... EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...European Data Forum
 
Overview of privacy and data protection considerations - DEVELOP.
Overview of privacy and data protection considerations - DEVELOP.Overview of privacy and data protection considerations - DEVELOP.
Overview of privacy and data protection considerations - DEVELOP.Trilateral Research
 
Policy Brief on Europe's "Right to be Forgotten"
Policy Brief on Europe's "Right to be Forgotten"Policy Brief on Europe's "Right to be Forgotten"
Policy Brief on Europe's "Right to be Forgotten"William Nyikuli
 
IT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyIT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyCharles Mok
 
250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentation250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentationDennisHillemann
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obamaLilian Edwards
 
The death of data protection
The death of data protection The death of data protection
The death of data protection Lilian Edwards
 
Iicensing open data
Iicensing open dataIicensing open data
Iicensing open dataePSI Platform
 
Jjb e psi warsaw
Jjb e psi warsawJjb e psi warsaw
Jjb e psi warsawePSI Platform
 

Weitere ähnliche Inhalte

Ähnlich wie Track H - Cristina Dos Santos

Right to be forgotten final paper
Right to be forgotten final paperRight to be forgotten final paper
Right to be forgotten final paperreporter1120
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiKrowdthink
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012lilianedwards
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingJes Breslaw
 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India SadanandGahivare
 
Latest news from the ePSI Platform studies
Latest news from the ePSI Platform studiesLatest news from the ePSI Platform studies
Latest news from the ePSI Platform studiespsi_alliance
 
ePSIplatform Observations
ePSIplatform ObservationsePSIplatform Observations
ePSIplatform ObservationsePSI Platform
 
The 2018 European Commission Data Package
The 2018 European Commission Data PackageThe 2018 European Commission Data Package
The 2018 European Commission Data PackageJean-François Dechamp
 
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data... EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...European Data Forum
 
Overview of privacy and data protection considerations - DEVELOP.
Overview of privacy and data protection considerations - DEVELOP.Overview of privacy and data protection considerations - DEVELOP.
Overview of privacy and data protection considerations - DEVELOP.Trilateral Research
 
Policy Brief on Europe's "Right to be Forgotten"
Policy Brief on Europe's "Right to be Forgotten"Policy Brief on Europe's "Right to be Forgotten"
Policy Brief on Europe's "Right to be Forgotten"William Nyikuli
 
IT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyIT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyCharles Mok
 
250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentation250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentationDennisHillemann
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obamaLilian Edwards
 
The death of data protection
The death of data protection The death of data protection
The death of data protection Lilian Edwards
 

Ähnlich wie Track H - Cristina Dos Santos (20)

Sible 09
Sible 09Sible 09
Sible 09
 
Right to be forgotten final paper
Right to be forgotten final paperRight to be forgotten final paper
Right to be forgotten final paper
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech Wiewiorowski
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 
Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...Be careful what you wish for: the great Data Protection law reform - Lilian E...
Be careful what you wish for: the great Data Protection law reform - Lilian E...
 
Draft data protection regn 2012
Draft data protection regn 2012Draft data protection regn 2012
Draft data protection regn 2012
 
delphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-maskingdelphix-wp-gdpr-for-data-masking
delphix-wp-gdpr-for-data-masking
 
Lars Mortsiefer
Lars MortsieferLars Mortsiefer
Lars Mortsiefer
 
Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India Data Privacy Protection & Advisory - EY India
Data Privacy Protection & Advisory - EY India
 
Latest news from the ePSI Platform studies
Latest news from the ePSI Platform studiesLatest news from the ePSI Platform studies
Latest news from the ePSI Platform studies
 
ePSIplatform Observations
ePSIplatform ObservationsePSIplatform Observations
ePSIplatform Observations
 
Employee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdfEmployee Monitoring and Privacy.pdf
Employee Monitoring and Privacy.pdf
 
The 2018 European Commission Data Package
The 2018 European Commission Data PackageThe 2018 European Commission Data Package
The 2018 European Commission Data Package
 
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data... EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
EDF2013: Selected Talk: František Nonnemann: Re-use of PSI and Personal Data...
 
Overview of privacy and data protection considerations - DEVELOP.
Overview of privacy and data protection considerations - DEVELOP.Overview of privacy and data protection considerations - DEVELOP.
Overview of privacy and data protection considerations - DEVELOP.
 
Policy Brief on Europe's "Right to be Forgotten"
Policy Brief on Europe's "Right to be Forgotten"Policy Brief on Europe's "Right to be Forgotten"
Policy Brief on Europe's "Right to be Forgotten"
 
IT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyIT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual Property
 
250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentation250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentation
 
The death of data protection sans obama
The death of data protection sans obamaThe death of data protection sans obama
The death of data protection sans obama
 
The death of data protection
The death of data protection The death of data protection
The death of data protection
 

Mehr von ePSI Platform

E psi 22nd of february_warsaw_2013
E psi 22nd of february_warsaw_2013E psi 22nd of february_warsaw_2013
E psi 22nd of february_warsaw_2013ePSI Platform
 
2013 02 22_w_wiewiorowski_epsi
2013 02 22_w_wiewiorowski_epsi2013 02 22_w_wiewiorowski_epsi
2013 02 22_w_wiewiorowski_epsiePSI Platform
 
E psi open data - rejseplanen
E psi open data - rejseplanenE psi open data - rejseplanen
E psi open data - rejseplanenePSI Platform
 
Ds.e psi conference.21 22.02.2013
Ds.e psi conference.21 22.02.2013Ds.e psi conference.21 22.02.2013
Ds.e psi conference.21 22.02.2013ePSI Platform
 
Christian Laux on Liability
Christian Laux on LiabilityChristian Laux on Liability
Christian Laux on LiabilityePSI Platform
 
Liability for open data
Liability for open dataLiability for open data
Liability for open dataePSI Platform
 
Big Data Session Presentations
Big Data Session PresentationsBig Data Session Presentations
Big Data Session PresentationsePSI Platform
 
Otwarte zabytki epsi
Otwarte zabytki epsiOtwarte zabytki epsi
Otwarte zabytki epsiePSI Platform
 
E psi tomek-zielinski-transportoid-conference-slides
E psi tomek-zielinski-transportoid-conference-slidesE psi tomek-zielinski-transportoid-conference-slides
E psi tomek-zielinski-transportoid-conference-slidesePSI Platform
 
PSI Re-use in Bulgaria
PSI Re-use in BulgariaPSI Re-use in Bulgaria
PSI Re-use in BulgariaePSI Platform
 
Hamburg Transparency Law
Hamburg Transparency LawHamburg Transparency Law
Hamburg Transparency LawePSI Platform
 
Open Data: the state of the European Union
Open Data: the state of the European UnionOpen Data: the state of the European Union
Open Data: the state of the European UnionePSI Platform
 
Psi group scoreboard
Psi group scoreboardPsi group scoreboard
Psi group scoreboardePSI Platform
 
Community Building as Scaffolding for a Working Public Sector
Community Building as Scaffolding for a Working Public SectorCommunity Building as Scaffolding for a Working Public Sector
Community Building as Scaffolding for a Working Public SectorePSI Platform
 

Mehr von ePSI Platform (20)

Iicensing open data
Iicensing open dataIicensing open data
Iicensing open data
 
Jjb e psi warsaw
Jjb e psi warsawJjb e psi warsaw
Jjb e psi warsaw
 
E psi 22nd of february_warsaw_2013
E psi 22nd of february_warsaw_2013E psi 22nd of february_warsaw_2013
E psi 22nd of february_warsaw_2013
 
2013 02 22_w_wiewiorowski_epsi
2013 02 22_w_wiewiorowski_epsi2013 02 22_w_wiewiorowski_epsi
2013 02 22_w_wiewiorowski_epsi
 
Transport Data Byrd
Transport Data ByrdTransport Data Byrd
Transport Data Byrd
 
Epsi conference
Epsi conferenceEpsi conference
Epsi conference
 
E psi open data - rejseplanen
E psi open data - rejseplanenE psi open data - rejseplanen
E psi open data - rejseplanen
 
Ds.e psi conference.21 22.02.2013
Ds.e psi conference.21 22.02.2013Ds.e psi conference.21 22.02.2013
Ds.e psi conference.21 22.02.2013
 
Christian Laux on Liability
Christian Laux on LiabilityChristian Laux on Liability
Christian Laux on Liability
 
Liability for open data
Liability for open dataLiability for open data
Liability for open data
 
Big Data Session Presentations
Big Data Session PresentationsBig Data Session Presentations
Big Data Session Presentations
 
Sl lgo
Sl lgoSl lgo
Sl lgo
 
Otwarte zabytki epsi
Otwarte zabytki epsiOtwarte zabytki epsi
Otwarte zabytki epsi
 
E psi tomek-zielinski-transportoid-conference-slides
E psi tomek-zielinski-transportoid-conference-slidesE psi tomek-zielinski-transportoid-conference-slides
E psi tomek-zielinski-transportoid-conference-slides
 
Moja polis basic
Moja polis basicMoja polis basic
Moja polis basic
 
PSI Re-use in Bulgaria
PSI Re-use in BulgariaPSI Re-use in Bulgaria
PSI Re-use in Bulgaria
 
Hamburg Transparency Law
Hamburg Transparency LawHamburg Transparency Law
Hamburg Transparency Law
 
Open Data: the state of the European Union
Open Data: the state of the European UnionOpen Data: the state of the European Union
Open Data: the state of the European Union
 
Psi group scoreboard
Psi group scoreboardPsi group scoreboard
Psi group scoreboard
 
Community Building as Scaffolding for a Working Public Sector
Community Building as Scaffolding for a Working Public SectorCommunity Building as Scaffolding for a Working Public Sector
Community Building as Scaffolding for a Working Public Sector
 

Kürzlich hochgeladen

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 

Kürzlich hochgeladen (20)

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

Track H - Cristina Dos Santos

  • 1. How to combine the protection of personal data with the “openness” of Public Sector Information? ePSIplatform Conference 2012 16th March 2012, Rotterdam Cristina Dos Santos Senior Researcher at CRIDS– University of Namur (Belgium)
  • 2. Legal issues - 1 Public sector collects, produces, reproduces and disseminates a wide range of information in many areas of activity: social, economic, geographical, weather, tourist, business, patent, taxes, educational information, …  Directive 2003/98/EC (PSI Directive) Most of this information can be considered as „personal data‟, i.e. any information relating to an identified or identifiable natural person (the „data subject‟)  Directive 95/46/EC (Data Protection Directive) 2 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 3. Legal issues - 2 As a result, we have to combine the application of both legislations when personal data are at stake Current provisions of PSI Directive related with DP:  Recital (21) : « …implemented and applied in full compliance with the principles relating to the protection of personal data in accordance with [Data Protection Directive] »  Article 1 (4) : « …leaves intact and in no way affects the level of protection of individuals with regard to the processing of personal data … and in particular does not alter the obligations and rights set out in [Data Protection Directive] »  Article 2 (5) : « personal data means data as defined in Article 2 (a) of [Data Protection Directive] » 3 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 4. LAPSI Thematic Network WG on “Privacy Aspects of PSI” Current conclusions of the working group reflections:  No real need to review these articles of PSI Directive as regards data protection…  however, in practice, there still areheterogeneity of practices & legal uncertainty…  Need to modify or complete the PSI Directive provisions, in order to provide more « guidance » to Member States! Sources : http://www.lapsi-project.eu/(LAPSI European Thematic Network) &http://www.lapsi-project.eu/wiki/index.php/Working_Group_02 (Draft “Policy Recommendation”) 4 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 5. Example of “bad transposition”?… Belgium:  Transposition of PSI Directive at several levels: e.g. Federal Law of 7 March 2007 about re-use of PSI  its Article 4 imposes the systematic anonymisation of data subjects!  several « sectoral committees » (article 36bis L. 1992) have been created within the Belgian data protectionauthority – la Commission de la Protection de la Vie Privée (CPVP): any “interested person” could request to them an authorization to receive electronic disclosure of personal data hold by a [public body]…  possibility of re-use as intended by PSI Directive?  inconsistency between both legal regimes?!  A Federal Commission of Appeal on re-use has been created since 2009  still no cases… is there a re-use of PSI market?!  Example: the Crossroad Bank for Enterprises (BCE), … 5 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 6. Example of a “mix of solutions”… France:  Transposition of PSI Directive by the Law n°78-753 of 17 July 1978 (also called « CADA Law ») : authorizes re-use of personal data in 3 cases: • when the data subject has given his/her consent, or • when the personal data have been anonymised, or • when a legislative rule or regulation allows it  The French Data Protection authority – la CNIL – could also oblige possible re-users to address a prior request of authorization for personal data gathered by public bodies E.g.: for public archives the CNIL excludes the re-use of sensitive data and the entries made in the margins of the civil status‟ acts, but it authorizes commercial re-use following the respect of some « precautions »… 6 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 7. Recommendation - 1 PSI Directive could make more references to the obligationsof the data controllers within PSI Directive, e.g.:  Article 7 on „transparency‟: should suggest the establishment of a clear and (when possible) specific « privacy policy » and/or an « information document » by PSI holders about possibilities of re-use of personal data  Article 8 about „licenses‟: should remind the respect of privacy & data protection principles and obligations when the license is established by a public body 7 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 8. Recommendation - 2 A clear reference to national Data Protection supervisory authorities (NSAs) should be made, in order to « invite » (oblige?) potential re-users to address them their requests of re-use of PSI when personal data are at stake! Examples of « best practices » already exist (within EU institutions under EDPS guidance, in some national « combined-authorities », etc.)  Art.29 WP is the “right arena” to discuss about an “harmonized” solution (need to update its WP 83 (2003!) 8 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012
  • 9. Other “possible” solutions… Technical measures: Privacy by Design, PETs…  pseudonymisation, anonymisation? “Soft-law” policies (national and regional level): • “Proactive approach” of public bodies (EDPS‟ Background paper on access) • Data Protection Officers (solution of new DP Regulation!), under the control of NSAs • Codes of Conduct (at sectoral levels) • Privacy policies for openness (case-by-case approach)… Source:Bassi, Dos Santos & Fernández Salméron, Data Protection and re-use of PSI: towards a possible compromise?, CPDP 2012 9 ePSIplatformConference 2012 - Rotterdam, 16th March 2012
  • 10. Thank you for your attention! Cristina Dos Santos Senior Researcher at CRIDS All comments are welcome at: http://www.lapsi-project.eu/get-involved Or by mail: cristina.dossantos@fundp.ac.be 10 ePSIplatform Conference 2012 - Rotterdam, 16th March 2012