The need for effective protection in practice - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

The need for effective protection in practice

Description:

European Data Protection Supervisor. Data Retention Conference, BRUSSELS 14 ... which providers does directive apply: services and network providers (Article 1) ... – PowerPoint PPT presentation

Number of Views:47
Avg rating:3.0/5.0
Slides: 10
Provided by: jba133
Category:

less

Transcript and Presenter's Notes

Title: The need for effective protection in practice


1
The need for effective protection in practice
  • Hielke HIJMANS
  • Coordinator Consultation EDPS

2
Starting Point
  • The need for balance, confirmed by S and Marper.
  • Effective protection A parameter for evaluation.
  • Directive is exception to Article 15 of 2002/58
  • Relation confirmed by ECJ in Irish Case

3
Data retention and protection in a complex context
  • HOW GIVE EFFECTIVE PROTECTION IN THIS CONTEXT?
  • On which providers does directive apply services
    and network providers (Article 1).
  • Centralised storage storage in another Member
    State.
  • Security measures, required by Article 7.
  • Limitations on access.

4
Service providers, network providers, etc.
  • Art 1 is clear both are responsible.
  • Expert Group shows this is not so easy webmail,
    transit providers, third party networks.
  • Coherence with data protection law who is
    controller? Who is processor?
  • Defining responsibilities needed also for
    supervision by DPAs

5
Centralised storage and applicable law
  • 2 options
  • company centralises its storage in 1
    establishment (cross border)
  • Different providers in 1 M.S. centralise the
    storage.
  • Shows problems directive.
  • No full harmonisation.
  • Free flow of information and police environment.
  • Point of departure Directive No additional
    databases.
  • How to supervise cross border and cross pillar.

6
Applicable law in a complex context
  • Art 3 data generated/processed by providers
    within their jurisdiction.
  • Relation with Art 4 of Data Protection Directive
  • So, which law applies?
  • The law of the country where the communication
    took place
  • The law of the establishment of provider.
  • Internet, g-mail?

7
Security measures
  • Article 7
  • It copies elements of Directive 95/46
  • It specifies for instance access only to
    specially authorised personnel (could be more
    precise?)
  • It adds obligation to destroy (but is this a
    security measure?)
  • Is this enough in complex environment?

8
What about access?
  • Article 4 extends to access. Access to the
    retained data, only in specific cases.
  • Indispensible element of directive
  • No use for data mining, profiling etc.
  • No use for other purposes Article 15 can no
    longer be used.
  • National law has to implement Article 4 .
  • Should be important part of evaluation and of
    control Commission.

9
Conclusion
  • EVALUATION should take account of these
    complexities and focus on their minimisation
  • THANK YOU!!!!
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "The need for effective protection in practice" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!