[gnso-rds-pdp-wg] Fwd: Article 29 Data protection working party opinion on legitimate interests of the Data Controller
Rob Golding
rob.golding at astutium.com
Thu Mar 24 03:24:02 UTC 2016
> http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp217_en.pdf
> [1].
> Pages 27-30, in my view, are particularly relevant to our discussions,
The Charter of Fundamental Rights
Since the Lisbon Treaty entered into force on 1 December 2009, the
European Union Charter
of Fundamental Rights ('the Charter') enjoys 'the same legal value as
the Treaties'.16 The
Charter enshrines the protection of personal data as a fundamental right
under Article 8,
which is distinct from the respect for private and family life under
Article 7. Article 8 lays
down the requirement for a legitimate basis for the processing. In
particular, it provides that
personal data must be processed 'on the basis of the consent of the
person concerned or some
other legitimate basis laid down by law'.17 These provisions reinforce
both the importance of
the principle of lawfulness and the need for an adequate legal basis for
the processing of
personal data.
TL:DR summary of the 1st half of the doc....
There's a balance between the requirements of the organisation
collecting/processing data and the person whose data it is, and if there
is *any* disagreement between those, the person's requirements always
win - the default position has to be dont collect it, dont use it, and
certainly dont publish it
Rob
More information about the gnso-rds-pdp-wg
mailing list