Presentation is loading. Please wait.

Presentation is loading. Please wait.

ESF Monitoring & Evaluation and Data Protection in Spain

Published byTimo Gotthilf Falk Modified over 5 years ago

Similar presentations

Presentation on theme: "ESF Monitoring & Evaluation and Data Protection in Spain"— Presentation transcript:

1 ESF Monitoring & Evaluation and Data Protection in Spain
José Leandro Núñez García Director Agencia Española de Protección de Datos

2 BACKGROUND A brief overview of the Data Protection Framework

3 A fundamental right The Lisbon Treaty made legally binding the EU Charter of Fundamental Rights. Its Article 8 is devoted to data protection: 1. Everyone has the right to the protection of personal data concerning him or her. 2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified. 3. Compliance with these rules shall be subject to control by an independent authority.

4 Legal framework in Spain
Spanish Constitution Directive 95/46/EC Convention 108 LOPD Enacted in 1999 Replaces the Act of 1992 EAEPD RLOPD 4

5 Legitimacy grounds Personal data may only be processed… 
With the data subject’s consent… …unless laid down otherwise by law For the exercise of powers by public bodies When necessary for performing a contract To protect the data subject’s vital interests When data are in sources available to the public and it is necessary for the legitimate interests pursued by the controller 5

6 Legitimacy grounds Data concerning racial origin, health or sex life may only be processed… With the data subject’s explicit consent When provided for by law, for reasons of general interest Where it is required for the purposes of preventive medicine, medical diagnosis, the provision of care or treatment, or the management of health-care services. 6

7 GENERAL PICTURE ESF Monitoring & Evaluation and Data Protection in Spain
7

8 How information flows  Beneficiaries Participants Managing
authorities European Commission Pollsters

9 How information flows 
Insofar as they are sharing aggregated information, the processing is not within the scope of the Data Protection legislation Beneficiaries Participants Managing authorities European Commission Pollsters 9

10 How information flows 
However, personal data is collected by beneficiaries and pollsters in order to compile statistics. Insofar as they process those personal information, they have to be compliant with the Data Protection legislation. Beneficiaries Participants Managing authorities European Commission Pollsters 10

11 How to be compliant 1. Legitimacy 
Citizens apply freely to participate in each program… … CONSENT Once accepted, the collection of their data is necessary to comply with Art. 40 of the Regulation 1826/2006 … processing PROVIDED FOR BY LAW

12 How to be compliant 2. Information 
Each application (or poll form) should include a data protection notice, drafted in a clear and plain language: Beneficiary’s (or pollster’s) identity and details Intended purpose of the processing (including stats provided for by Law) Recipients to whom the data will de disclosed Data protection rights 12

13 How to be compliant 3. Proportionality 
The collection and subsequent use of data should be limited to such processing as is: Adequate Relevant Non excesive Data collected should be limited to the minimum necessary. 13

14 How to be compliant 4. Other obligations  Purpose limitation
Appropriate security measures Data retention periods Confidentiality Ensure respect of data subjects’ rights Notification to the Data Protection Register 14

15 AN SPECIFIC CASE Self-employed beneficiaries
15

16 Beneficiaries & participants
Pursuant to Art. 7(2)d, the list of beneficiaries shall be published by the managing authority. However, “participants in an operation of the ESF shall not be named”. How to deal with self-employed beneficiaries, who are simultaneously participants? 16

17 Beneficiaries & participants
Ruling of the Court of Justice “Volker und Markus Schecke GbR (C-92/09), Hartmut Eifert (C-93/09) v Land Hessen”. 77. It is thus necessary to determine whether the Council of the European Union and the Commission balanced the European Union’s interest in guaranteeing the transparency of its acts and ensuring the best use of public funds against the interference with the right of the beneficiaries concerned to respect for their private life in general and to the protection of their personal data in particular. 17

18 Beneficiaries & participants
Ruling of the Court of Justice “Volker und Markus Schecke GbR (C-92/09), Hartmut Eifert (C-93/09) v Land Hessen”. 85. It is necessary to bear in mind that the institutions are obliged to balance, before disclosing information relating to a natural person, the European Union’s interest in guaranteeing the transparency of its actions and the infringement of the rights recognised by Articles 7 and 8 of the Charter. No automatic priority can be conferred on the objective of transparency over the right to protection of personal data (see, to that effect, Commission v Bavarian Lager, paragraphs 75 to 79), even if important economic interests are at stake. 18

19 Beneficiaries & participants
Ruling of the Court of Justice “Volker und Markus Schecke GbR (C-92/09), Hartmut Eifert (C-93/09) v Land Hessen”. Articles 42(8b) and 44a of Council Regulation (EC) No 1290/2005 of 21 June 2005 on the financing of the common agricultural policy, as amended by Council Regulation (EC) No 1437/2007 of 26 November 2007, and Commission Regulation (EC) No 259/2008 of 18 March 2008 laying down detailed rules for the application of Regulation No 1290/2005 as regards the publication of information on the beneficiaries of funds deriving from the EAGF and the EAFRD are invalid in so far as, with regard to natural persons who are beneficiaries of EAGF and EAFRD aid, those provisions impose an obligation to publish personal data relating to each beneficiary without drawing a distinction based on relevant criteria such as the periods during which those persons have received such aid, the frequency of such aid or the nature and amount thereof 19

20 PROSPECTIVES FOR FUTURE A comprehensive data protection framework
20

21 Future of Privacy Include the fundamental principles of data protection into one comprehensive legal framework. There should be room for flexibility. Specific rules could complement and enhance the protection, provided that they fit within the notion of a comprehensive framework and comply with the main principles. 21

22 THANK YOU! 22

23

Download ppt "ESF Monitoring & Evaluation and Data Protection in Spain"

Similar presentations

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
Prof. Cécile de Terwangne - LAPSI Workshop 7-8 October 2010 1 Re-use and Privacy/Data Protection Cécile de TERWANGNE Professor at the Law Faculty CRID.

Prof. Cécile de Terwangne - LAPSI Workshop 7-8 October Re-use and Privacy/Data Protection Cécile de TERWANGNE Professor at the Law Faculty CRID.
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.

Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Data Protection Billy Hawkes Data Protection Commissioner Irish Human Rights Commission 20 November 2010.

Data Protection Billy Hawkes Data Protection Commissioner Irish Human Rights Commission 20 November 2010.
DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
EDUCATION Directive 2002/14/EC of 11 March 2002 establishing a general framework for informing and consulting employees in the European Community.

EDUCATION Directive 2002/14/EC of 11 March 2002 establishing a general framework for informing and consulting employees in the European Community.
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
The European Union legal framework for clinical data access: The European Union legal framework for clinical data access: potential challenges and opportunities.

The European Union legal framework for clinical data access: The European Union legal framework for clinical data access: potential challenges and opportunities.
EU: Bilateral Agreements of Member States

EU: Bilateral Agreements of Member States
EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.

EU: Bilateral Agreements of Member States. Formerly concluded international agreements of Member States with third countries Article 351 TFEU The rights.
Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.

Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.

Data Protection & Human Rights. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
Oviedo Convention and Its Protocols – Impact on Polish Law International Bioethics Conference Oviedo Convention in Central and Eastern European Countries.

Oviedo Convention and Its Protocols – Impact on Polish Law International Bioethics Conference Oviedo Convention in Central and Eastern European Countries.
EHRs and the European Union – current legislation and future directions. Dr Richard Fitton.

EHRs and the European Union – current legislation and future directions. Dr Richard Fitton.
Access to Public Information in Slovenia Nataša Pirc Musar, LL.B. Commissioner for Access to Public Information The Hague – 24 th -25 th November, 2004.

Access to Public Information in Slovenia Nataša Pirc Musar, LL.B. Commissioner for Access to Public Information The Hague – 24 th -25 th November, 2004.
The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.

The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

Similar presentations

Ads by Google