Data protection supervision authority’s practice concerning exception provided in par. 2 of article 5 of Directive 2002/58/EC DIJANA ŠINKŪNIENĖ State Data.

Slides:

Advertisements

Similar presentations

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.

Advertisements

LAPSI 4th Thematic Seminar Muenster, January 27, 2011 Should the information held by research institutions be included in the EU Directive on PSI Re-use?

Ms Valerie Vandermeersch National expert, Ministry of Justice.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

LLL - Supporting Lutheran Schools Last updated: January 2014.

1 Exploring Acceptance and Legal Nature of eRecords Within a Paper-Based Framework Electronic Signature & Records Association November 14, 2012 Rafael.

S1: Introduction Financial Audit A course for Audit Staff (Sr.AOs, AAOs & SOs)

EU: Bilateral Agreements of Member States

EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.

Audit Planning and Documentation

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

European payment order Regulation (EC) No 1896/2006 of the European Parliament and of the Council of 12 December 2006 creating a European order for payment.

Secure Electronic Transactions (SET). SET SET is an encryption and security specification designed to protect credit card transactions on the Internet.

Tina Kraigher and Milena Podjed-Fabjančič 18 April 2010 Processing of Telephone Traffic Data of Employees ( a Case Study )

Internal Auditing and Outsourcing

- 1 UNCITRAL Colloquium on Electronic Commerce Legal issues of m-commerce with regard to the principles of technological neutrality and functional equivalence.

10th Baltic Electronic Communications & Postal Services Regulators’ Meeting Latvia, 29 August 2013 Postal market supervision Kristina Masiulytė Acting.

Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University

DATA PROTECTION ISSUES COMBINING OF PERSONAL DATA STORED IN DIFFERENT INSTITUTIONS 9th Meeting of Central and Eastern European Commissioners June 4-6 th.

© OECD A joint initiative of the OECD and the European Union, principally financed by the EU Σ SIGMA E-procurement in the European Union Directives on.

Re – use of PSI in Slovenia Kristina Kotnik Šumah Deputy of the Information Commisoner.

7 - 1 Copyright  2003 Pearson Education Canada Inc. CHAPTER 7 Audit Planning and Documentation.

New Implementing Regulation DG Enterprise on the Administrative Requirements for the approval and market surveillance of 2- or 3-wheel vehicles and quadricycles.

NYSAIS | Webinar | May 11, 2011 Electronic Signatures and Red Flag Rules Presented by: Donald J. Mosher Partner Schulte Roth & Zabel LLP

Data Protection Compliance Professor Ian Walden Institute of Computer and Communications Law, Centre for Commercial Law Studies, Queen Mary, University.

INTERNATIONAL E-DISCOVERY: WHEN CULTURES COLLIDE Alvin F. Lindsay Hogan & Hartson LLP.

Various Stages of MiFID Implementation in Lithuania Tomas Talutis Lithuanian Securities Commission.

FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.

Regional Workshop MICRODATA ACCESS IN EUROPEAN COUNTRIES – COOPERATION BETWEEN NATIONAL STATISTICAL INSTITUTES AND DATA ARCHIVES 2nd Regional Workshop.

DATA PROTECTION ISSUES PERFORMING VIDEO SURVEILLANCE XIV Case Handling Workshop Athens, November 2006.

Data protection and European citizens’ initiatives

S1: Introduction Financial Audit A course for IA&AS Officers.

Monitoring and Supervision. June 15, Rotterdam 1 MONITORING ELECTRONIC COMMUNICATIONS: PRIVACY ISSUES Prof. Rimantas Petrauskas, Assoc.

Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC

Privacy and Data Protection in e-Communications Sector Legislation, Codes of Practice and Standards Privacy and Data Protection in e-Communications Sector.

UNIVERSITY OF DAR ES SALAAM t Selection and Employment of Consultants Negotiations with Consultants; Monitoring Performance of Consultants; Resolving Disputes.

PRIVACY IN THE ELECTRONIC COMMUNICATIONS SECTOR IN BULGARIA.

1 M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 9 – Financial Services Bilateral.

Dr. Adli Kandah Director General Association of Banks in Jordan Credit Bureau: the Case of Jordan Workshop on Support for Euro-Mediterranean industrial.

Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.

Ukraine (nr 46514): Expert Mission on Supervision of Investment Funds` Activities - TAIEX On-site supervision of the investment funds industry in Poland.

Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.

Legal framework of telework – practical solutions for employers Dr. Jacek Męcina.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 28 – Consumer and Health Protection.

1 M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 9 – Financial Services Bilateral.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 9 – Financial services Bilateral screening:

1 M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 29 – Customs union Bilateral screening:

1 M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 29 – Customs union Bilateral screening:

Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.

Ethical, legal and social aspects of public health genomics Mark Taylor, School of Law, University of Sheffield 7 th November 2014.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 5 – Public Procurement Bilateral screening:

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 28 – Consumer and Health Protection.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.

E-C OMMERCE : T HE E -C ONSUMER AND THE ATTACKS AGAINST THE PERSONAL DATA Nomikou Eirini Attorney at Law, Piraeus Bar Association Master Degree in Web.

Agencija za zaštitu ličnih/osobnih podataka u Bosni i Hercegovini Агенција за заштиту личних података у Босни и Херцеговини Personal Data Protection Agency.

TRANSBORDER TRANSFER OF PERSONAL DATA OUT OF THE REPUBLIC OF SERBIA Milica Basta Senior Adviser DPA Serbia Sarajevo May 2016.

The Contractual Regime of PayPal and Electronic Payments Irene Kull ETAg funding, project 9301.

Financing projects on maritime domain

INTERCONNECTION GUIDELINES

WHAT IS FRANCHISING? THE POINT OF VIEW OF THE USERS

Internal and Governmental Financial Auditing and Operational Auditing

EU Directive 95/46/EC (Paragraph 2) “Whereas data-processing systems are designed to serve man; whereas they must Respect their fundamental rights.

DATA PROTECTION STATE DATA PROTECTION INSPECTORATE.

Banking Relations with Parliament, Government and Public Entities

INTELLECTUAL PROPERTY RIGHTS (IPR) IN FP7

Presentation for the Equinet Seminar on Tackling discrimination and protection for carers in Europe The Greek Labor Inspectorate and its cooperation with.

The EDPS: competences and processing of personal data in EU funds

"AL HILAL" Islamic Bank" JSC

Presentation transcript:

Data protection supervision authority’s practice concerning exception provided in par. 2 of article 5 of Directive 2002/58/EC DIJANA ŠINKŪNIENĖ State Data Protection Inspectorate of the Republic of Lithuania XIV Case Handling Workshop, Athens, November 2006

2 Scope of the inspections  Recording of the phone conversations in 10 banks;  Compliance with the requirements of the Law on Electronic Communications of the Republic of Lithuania and the Law on Legal Protection of Personal Data (Data Protection Law).

3 Findings of the inspections  The phone conversations are recorded in 6 banks;  4 banks have special telephone numbers that are dedicated for business transactions and are not publicly available;  2 banks are recording the conversations when persons are calling by common phone number which is made public and dedicated also for information, consultations, etc.

4 Legal background  Recital 23 and article 5 of the Directive 2002/58/EC;  Paragraphs 1 and 3 of the article 63 of the Law on Electronic Communications;  Data Protection Law.

5 Directive 2002/58/EC  Recital 23: requires to ensure confidentiality of communications in the course of lawful business practice; allows recording of communications for the purpose of providing evidence of a commercial transaction; parties to the communications should be provided with specific information prior to the recording;  Article 5 sets forth requirements for the confidentiality of communications.

6 Law on Electronic Communications  Paragraph 1 of the article 63 ensures the confidentiality of communications and prohibits any interception without consent of the parties concerned, except the cases provided by law;  Paragraph 3 of the article 63 allows legally authorised recording of information and related traffic data in the course of lawful business practice for the purpose of providing evidence of a commercial transaction or of any other business communication.

7 The concept of “commercial transaction and any other business communication”  Oral financial transactions concluded by phone, for example: stock exchange transactions; currency exchange transactions; money transfer.

8 The concept of “commercial transaction and any other business communication”  Oral communications, directly related to the existing contractual relations between bank and its client, for example: request to block/unblock bankcard; order of the abstract of account; request for the information related to circulation of money in the account.

9 The concept of “commercial transaction and any other business communication”  Provision of some kind of information which is considered as the service according to the law, for example: according to the paragraph 1 of the article 3 of the Law on Financial Institutions provision of information as well as advice on issues of the granting and payment of a credit is considered as financial service.

10 Decision of the Data Protection Authority  Provision of the information of general nature about banking services, its rates etc. falls outside the scope of exception laid down in the par. 3 of the article 63 of the Law on Electronic Communications and consent of calling person has to be obtained.

11 Decision of the Data Protection Authority  When exception concerning commercial transaction and any other business communication is applied, parties to the communications should be provided with appropriate information.

12 Requirements for the lawfulness  Consent has to be given in a way enabling a freely given, specific and informed indication of the user’s wishes;  In any case parties to the communications should be informed prior to the recording about the recording and its purpose.

13 Arguments submitted by banks  Phone numbers are designated only for commercial, not for private, communications;  Every communication, even provision of general information about banking services could have after-effects and could serve as the evidence;  When calling person is not the client of the bank, his identity is not being established, so he has not to be informed according to Data Protection Law.

14 Final results  It was agreed that: When telephone numbers are not publicly available, it is sufficient to present appropriate information in the contract; In other cases information about the recording and its purpose has to be delivered to the calling person in case of every call, before starting to record.

15 I would like to thank you for your attention. Dijana Šinkūnienė