[gnso-rds-pdp-data] Review of Additional articles 29 WP documents that may be of interest to PDP WG
Richard Padilla
padilla.richard at gmail.com
Wed Apr 13 16:25:35 UTC 2016
Dear all
After reviewing the documents in the section above the following can be
summarised as follows:
There has been enough discussion on the if I can call it the maintenance of
how data should be kept in according to the laws of various countries as
all have different laws that more or less try to do the same thing in
different words and explanation. For e.g.
1. Directive 95/46/EC - the protection of individuals with regard to the
processing of the personal data, in Article 6.1 b), which establishes
that personal data must be "collected for specified, explicit and
legitimate purpose and not further processed in a way incompatible with
those purposes"
2. Note the purpose of conventional telephone directories is the
disclosure of subscriber's telephone number starting from the knowledge
of subscriber's name and that its use is limited to that
specific purposes.
3. Must establish the balance of interests, the interests and risks
to privacy at stake have to be identified and evaluated. Directive 97/66/EC
gives helpful indications: as long as the minimum information necessary to
identify a subscriber is at stake, thus this information can be included
in conventional public directories unless the subscriber objects. It
must be considered that the interest of the individual in being protected
override the interests of controller or third parties. Therefore such
processing is only legitimate if the individual has given his/her informed
consent prior to any inclusion of his /her personal data in public
directories for reverse or multi-criteria searches.
4. Specific and informed consent of the subscriber must be obtained
prior to the inclusion of his personal data into all kinds of public
directories which include all type of communication devices used for
reverse or multi-criteria searches. There must be some given consent on how
personal data can be used.
5. As most conclusions regard the directives of the EC previous WP
on the Protection of Individuals with regards to protection of data takes
the position that processing of said personal data in reverse directories or
multi-criteria searching services without unambiguous and informed
consent by subscriber is unfair and unlawful. Thus fully implementing and
accepting the EC proposal for draft directive on processing personal
data.
6. Article 15 of draft Convention could create the impression that the
protection of human rights shall only be considered when it is "due" and
shall on be "adequate". It can be seen as limiting the safeguards and
procedures it would considerably lower if not fully undermine the
protection of fundamental rights.
7. Finally with several EU countries implementing Directive 95/46/EC
shows that national laws requires personal data can be in principle only
be sent to non-EU countries if this country does provide an adequate level
of protection of individuals with regard to the processing of their
personal data. the level of protection in these countries must be checked.
Otherwise if no adequate protection on offer in third country then
transfer f personal data may nevertheless be necessary to fight against
crime.
This shows that the EU or EC directive on the protection of personal data
has been the benchmark used to protected personal data. No specfic mention
of length of time to hold such data although I think 6 weeks has been
mentioned in one document I think.
Let me know if I need to do more
Regards
R. Padilla MSc.
--
Richard Padilla MSc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-data/attachments/20160413/d01ebd29/attachment.html>
More information about the gnso-rds-pdp-data
mailing list