[Gnso-rds-pdp-privacy] SUMMARY | Opinion of the European Data Protection Supervisor: Europe's Role in Shaping the Future of Internet Governance (23 June 2014)

Ayden Fabien Férdeline ayden at ferdeline.com
Mon Apr 11 08:56:16 UTC 2016


Opinion of the European Data Protection Supervisor: Europe's Role in Shaping the Future of Internet Governance (23 June 2014)
Summary: * This document calls for all Internet policy discussions to take into
   consideration the internationally-recognised, fundamental rights of privacy
   and data protection. Such rights are:
 * 1) at the basis of users' online interactions, 2) should be protected online as well as offline, and 3) “are not negotiable”.
 * The current WHOIS system is named as “an example of a data protection issue
   which has to be addressed” because of its “authentication and data retention
   requirements.” It must be replaced “with a solution taking account, inter
   alia, of privacy concerns.”
 * Data protection authorities must be represented in multi-stakeholder Internet
   governance processes and must ensure that respect for fundamental rights are
   assured for all users regardless of their means and capabilities. They should
   also should work to ensure the harmonisation of data protection rules at a
   global level.
 * Data controllers have a responsibility to:
 * provide transparent and easily accessible and understandable information, should provide procedures and mechanisms for exercising a data subject's
   rights, must provide information on storage periods, must provide information on rights to lodge a complaint, and must provide information in relation to the international transfer of data
   and to the source from which the data is originating.
 * Users have the right to be forgotten and to erasure. In balancing the right
   to erasure against the freedom of information, the former overrides the
   general public's right to be informed, unless the data subject plays a role
   in public life that justifies interference with his/her right to privacy.
 * There is a close relationship between technological design and data
   protection. The principles of data protection-by-design and by-default could serve as significant enablers of trust on the Internet. Accordingly
   the inclusion of optimal data protection standards in the development of
   technology at the early design phase is encouraged.
 * Conflicts of law arise in connection with the Internet, jeopardising users'
   rights to privacy and data protection, and these need to be solved. “Given
   the global and cross-border nature of the Internet, personal data is often
   transferred to and processed in jurisdictions other than those in which users
   have submitted their data, exposing them to the risk of lower or no data
   protection. In addition, controllers processing personal data on the Internet
   may be faced with conflicting laws and obligations and must choose between
   violating foreign obligations or EU data protection safeguards … which in
   consequence undermines the data protection safeguards afforded to users under
   EU law.”
 * Google v AEPD might provide some guidance on answering this question – in this judgement
   the Court of Justice of the European Union ruled that the presence of an
   establishment on the territory of an EU Member State and the relationship
   between the activities of that establishment and the data processing at issue
   can be used to decide the applicability of EU data protection law to a
   processing carried out online.
 * “From a European perspective, we would encourage controllers processing the
   personal data of EU individuals on the Internet to increase the transparency
   and the amount of information they provide to users in relation to the law(s)
   they are subject to and the data protection rules they are bound to apply,
   including laws on access to data by government bodies, jurisdictions where
   data may be processed, and what safeguards have been implemented to protect
   users' data.”


Ayden Férdeline Statement of Interest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-privacy/attachments/20160411/f7f44e34/attachment-0001.html>


More information about the Gnso-rds-pdp-privacy mailing list