<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Sure! Tx Lisa for all you are doing to help us keep on this
material.<br>
Kathy<br>
<br>
<div class="moz-cite-prefix">On 4/7/2016 4:41 PM, Lisa Phifer wrote:<br>
</div>
<blockquote
cite="mid:6.2.3.4.2.20160407143451.0846f278@mail.corecom.com"
type="cite">
Hi Kathy, Stephanie has already volunteered to summarize <br>
<a moz-do-not-send="true"
href="http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2013/wp203_en.pdf">Article
29 WP 203 Opinion 3/2013</a> <br>
<br>
I will add the blog you identified below and indicate that you're
assigned to summarize it for the purpose team.<br>
<br>
Would you be able to summarize the following with respect to its
relevance to RDS purpose:<br>
<a moz-do-not-send="true"
href="http://ec.europa.eu/justice/data-protection/data-collection/obligations/index_en.htm">European
Commission Website: Obligations of Data Controllers</a>
<br>
<br>
Thanks<br>
Lisa<br>
<br>
<br>
At 02:29 PM 4/7/2016, Kathy Kleiman via gnso-rds-pdp-purpose
wrote:<br>
<blockquote type="cite" class="cite" cite="">Hi Susan and Lisa,<br>
If it is still open, I volunteer to summarize the Article 29
Data
Protection Working Group's "Opinion 03/2013 on Purpose
Limitation" adopted by April 2, 2013. <br>
<br>
In many ways, this is just the piece we have been looking for to
understand what "purpose" means in the EU, and what the
"purpose limitation" requires under the EU Data Protection
Directive. It answers many questions we have been raising about
the law
and framework of "purpose," including: <br>
+ <i>if under the EU Data Protection Directive, personal data
must be
"collected for specified, explicit and legitimate purposes and
not
further processed in a way incompatible with those purposes,"
then
what is "a specified purpose," "how does a purpose become
explicit," and what purposes are "legitimate?"Â Â
</i>All discussed in detail!<br>
<i><br>
</i>Further, it has sections addressing the natural follow-up
question:
what is "compatible use?"Â This decision discusses at
length the legal limitation for "further processing" of
personal data -- which must be not incompatible with the
original purpose
for which the data was collected in the first place. <br>
<br>
If someone has already summarized this opinion, how might I find
that
summary? <br>
<br>
Also, can we post the article by Hunton & Williams (global
law firm)
in its Privacy & Information Security Law Blog titled:
"<i>Article 29 Working Party Clarifies Purpose Limitation
Principles; Opines on Big and Open Data."Â </i>The writers
provide a concise overview of the Article 29 Working Party's
70-page
decision above is in clear language (hooray!). It provides a
readable
overview of this decision that "goes to the heart of data
protection
law and is relevant to virtually all data controllers processing
personal
data in the EU." <br>
<br>
I think it would help the full WG to provide access to it --
link:
<a moz-do-not-send="true"
href="https://www.huntonprivacyblog.com/2013/04/09/article-29-working-party-clarifies-purpose-limitation-principle-opines-on-big-and-open-data/">https://www.huntonprivacyblog.com/2013/04/09/article-29-working-party-clarifies-purpose-limitation-principle-opines-on-big-and-open-data/</a>
 <br>
<br>
I'm happy to summarize it. <br>
Best and tx, <br>
Kathy<br>
<br>
_______________________________________________<br>
gnso-rds-pdp-purpose mailing list<br>
<a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-purpose@icann.org">gnso-rds-pdp-purpose@icann.org</a><br>
<a moz-do-not-send="true"
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose"
eudora="autourl">
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a>
</blockquote>
</blockquote>
<br>
</body>
</html>