PDP on Next- Generation gtld Registration Directory Service (RDS)

Similar documents
84 rd REGULAR SESSION OEA/Ser.Q March 10-14, 2014 CJI/doc. 450/14 Rio de Janeiro, Brazil February 25, 2014 Original: English * Limited

EUROPEAN PARLIAMENT COMMITTEE ON CIVIL LIBERTIES, JUSTICE AND HOME AFFAIRS

MEMORANDUM. Internet Corporation for Assigned Names and Numbers. Thomas Nygren and Pontus Stenbeck, Hamilton Advokatbyrå

TECHNOLOGY AND DATA PRIVACY. Investigative Powers of the Data Protection Commissioner. by Peter Bolger, Jeanne Kelly

closer look at Rights & remedies

16 March Purpose & Introduction

A Legal Overview of the Data Protection Act By: Mrs D. Madhub Data Protection Commissioner

SUBSIDIARY LEGISLATION DATA PROTECTION (PROCESSING OF PERSONAL DATA IN THE POLICE SECTOR) REGULATIONS

Smart Meters covertly monitor your home!

Law Enforcement processing (Part 3 of the DPA 2018)

Cybercrime investigation and the protection of personal data and privacy

ARTICLE 29 Data Protection Working Party

Data protection and privacy aspects of cross-border access to electronic evidence

Response of the Northern Ireland Human Rights Commission to the Housing (Amendment) Bill. NIA Bill 58/11-16 Summary

Declaration on the protection of personal data in the company TAJMAC ZPS, a.s.

HAUT-COMMISSARIAT AUX DROITS DE L HOMME OFFICE OF THE HIGH COMMISSIONER FOR HUMAN RIGHTS PALAIS DES NATIONS 1211 GENEVA 10, SWITZERLAND

Reports of Cases. JUDGMENT OF THE COURT (Second Chamber) 20 December 2017 *

EXECUTIVE SUMMARY. 3 P a g e

Immigration (Education) Regulations 2018

Privacy and Protection of Personal Data in the EU Transfers of Personal Data to third Countries

Adequacy Referential (updated)

Data Protection Bill, House of Lords second reading Information Commissioner s briefing

Port Glasgow St Andrew s Data Protection Policy

SCHEDULE Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

DATA PROTECTION (JERSEY) LAW 2018

Mannofield Parish Church. Registered Scottish Charity No: SC (the Congregation ) Data Protection Policy

Data Protection Policy

Purpose specific Information Sharing Agreement. Community Safety Accreditation Scheme Part 2

Data Protection Policy

COMP Article 1. Article 1 Subject matter and objectives

Statement for the European Parliament, Temporary Committee on the ECHELON interception system, meeting of Thursday, 22 March, 2001, Brussels.

Privacy International's comments on the Brazil draft law on processing of personal data to protect the personality and dignity of natural persons

Act No. 502 of 23 May 2018

REGULATION (EU) 2016/679 General Data Protection Regulation

BJB Motor Company Limited (BJB) - Data Protection Act 1998 Policy & Procedures

DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 24 October 1995

The legal framework and guidance on data protection under the. Cross-border ehealth Information Services (CBeHIS) T6.2 JAseHN draft v.2 (20.10.

Attachment 1 to Submission of the National Whistleblowers Center to the UN Universal Periodic Review

GENERAL PROTOCOL FOR SHARING INFORMATION BETWEEN AGENCIES IN KINGSTON UPON HULL AND THE EAST RIDING OF YORKSHIRE

Working Document Setting Forth a Co-Operation Procedure for the approval of Binding Corporate Rules for controllers and processors under the GDPR

AGREEMENT FOR ACCESS, WHICH MAY RESULT IN PERSONAL DATA PROCESSING

DATA PROTECTION LAWS OF THE WORLD. Ukraine

CONSULTATIVE COMMITTEE OF THE CONVENTION FOR THE PROTECTION OF INDIVIDUALS WITH REGARD TO AUTOMATIC PROCESSING OF PERSONAL DATA

6153/1/18 REV 1 VH/np 1 DGD2

the Commisslone Mazionale per le Sodeta e la Borsa in ItaJy and the Public Company Accounting Oversight Board In the United States

The modernised Convention 108: novelties in a nutshell

Submission to the Joint Committee on the draft Investigatory Powers Bill

INFORMATION SHARING AGREEMENT BETWEEN THE MINISTRY OF JUSTICE AND THE CROWN LAW OFFICE JULY 2017

Charities & Not-for-Profits Overview of Data Protection Law

This English translation is provided for information purposes only. The official version of this document is available in German.

NOTIFICATION FOR PRIOR CHECKING INFORMATION TO BE GIVEN(2)

PROCEDURE RIGHTS OF THE DATA SUBJECT PURSUANT TO THE ARTICLES 15 TO 23 OF THE REGULATION 679/2016

STATUTORY INSTRUMENT 2002 NO THE ELECTRONIC COMMERCE (EC DIRECTIVE) REGULATIONS Statutory Instruments No. 2013

THE PERSONAL DATA PROTECTION BILL, 2018: A SUMMARY

EUROPEAN UNION. Brussels, 3 February 2006 (OR. en) 2005/0182 (COD) PE-CONS 3677/05 COPEN 200 TELECOM 151 CODEC 1206 OC 981

ARTICLE 29 Data Protection Working Party

Telekom Austria Group Standard Data Processing Agreement

5418/16 AV/NT/vm DGD 2

Antrobus Parish Council Personal Data Management and Audit Policy 1

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

1. What sort of passenger information will be transferred to US authorities?

The policy will not replace the Data Protection Act. It will show how the DBS will comply with the Act when processing your personal data.

PERSONAL DATA PROTECTION PRIVACY INFORMATION FOR THE CITIZENS ON THE RIGHT TO PERSONAL DATA PROTECTION

LAW OF THE REPUBLIC OF ARMENIA ON PROTECTION OF PERSONAL DATA CHAPTER 1 GENERAL PROVISIONS

PE-CONS 71/1/15 REV 1 EN

Appendix 1 Data Processing Agreement

on the proposal for a Regulation of the European Parliament and of the Council concerning customs enforcement of intellectual property rights

Processing of data in relation to your application

DATA PROTECTION LAWS OF THE WORLD. Ireland

Data Protection Policy and Procedure

PROJET DE LOI ENTITLED. The Data Protection (Bailiwick of Guernsey) Law, 2017 ARRANGEMENT OF SECTIONS PART I PRELIMINARY

Opinion of the European Data Protection Supervisor

EUROPEAN COMMISSION DIRECTORATE-GENERAL JUSTICE

CCTV Code of Practice

DATA PROTECTION LAWS OF THE WORLD. Colombia vs Germany

STATOIL BINDING CORPORATE RULES - PUBLIC DOCUMENT

SIMON READHEAD Q.C. PRIVACY NOTICE

General Data Protection Regulation

Information leaflet about processing of personal data for Newsletter Recipients (hereinafter Data Subject)

The Act on Processing of Personal Data

Mandate of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression

FREEDOM OF EXPRESSION UNDER FIRE BRIEFING TO THE HUNGARIAN GOVERNMENT ON THE NEW MEDIA LEGISLATION

Compliance & Ethics. a publication of the society of corporate compliance and ethics MAY 2018

BACKGROUND INFORMATION

Federal Act on Data Protection (FADP) Section 1: Aim, Scope and Definitions

International regulations Standards for implementation

DATA PROTECTION (JERSEY) LAW 2005

Conducting surveillance in a public place

ARTICLE 29 DATA PROTECTION WORKING PARTY

European Data Protection Supervisor Transparency in the EU administration: Your right to access documents

Written evidence from the Law Society of England and Wales. House of Commons Public Bill Committee considering the Data Protection Bill [HL]

QRME Australian Privacy Principles (APP) Policy

Annex - Summary of GDPR derogations in the Data Protection Bill

Legal aspects of biometric data processing : current state of affairs. Dr. E. J. Kindt MIPRO 2015

Data Protection Policy

BINDING CORPORATE RULES PRIVACY policy. Telekom Albania. Çaste që na lidhin.

Overview Status of European Union Data Protection Law Reform (Aug. 2015) Martin Braun

Rwanda: Proposed media law fails to safeguard free press

THE DATA PROTECTION PRINCIPLES

DATA PROTECTION LAWS OF THE WORLD. Romania

Transcription:

2 February 2017 Peter Kimpian, Data Protection Unit of the Council of Europe PDP on Next- Generation gtld Registration Directory Service (RDS)

Art 12 of the Universal Declaration of Human Rights: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. Art 17 of the International Covenant on Civil and Political Rights: 1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. 2. Everyone has the right to the protection of the law against such interference or attacks. Art 8 of the European Convention on Human Rights: 1. Everyone has the right to respect for his private and family life, his home and his correspondence. 2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others

Individuals have to be in control of their personal data (trail of the data) Main principles Necessity Proportionality Purpose specification/purp ose limitation Adequate, relevant and not excessive in relation to the purposes for which they are stored Accurate and, where necessary, kept up to date Preserved in a form which permits identification of the data subjects for no longer than is required for the purpose for which those data are stored Legitimate aim/purpose Lawful and fair means of data processing (ex: online marketing) Valid legal basis (law, consent, contract, vital interest of the individual, etc.)

state security public safety the monetary interests of the State the suppression of criminal offences Exemptions protecting the data subject or the rights and freedoms of others statistical and research purposes BUT, processing of personal data for national security, law enforcement etc. purposes can constitute an interference with the right to privacy and to the protection of personal data The interference has to be provided for by law and has to constitute a necessary measures in a democratic society (based on law, necessary and proportionate to the aim pursued)

Same rules as for processing Discloser of data/third party access to data/further data processing BUT, here there is a third party and a second purpose and it is not for the original data controller to define the secondary purpose, it defines the conditions, the procedures etc. under which it can disclose personal data if all legal requirements met Purpose for processing Purpose for disclosing New data processing has to comply with Legitimate aim/purpose Lawful and fair means of data processing Valid legal base (law, consent, contract, vital interest of the individual, etc.) Adequate, relevant and not excessive in relation to the purposes for which they are stored Accurate and, where necessary, kept up to date Preserved in a form which permits identification of the data subjects for no longer than is required for the purpose for which those data are stored

Accountability A personal information controller should be accountable for complying with measures that give effect to the Principles stated above - APEC Privacy Framework Each Party shall provide that controllers and, where applicable, processors take all appropriate measures to comply with the obligations of this Convention and be able to demonstrate, in particular to the competent supervisory authority provided for in Article 12bis, that the data processing under their control is in compliance with the provisions of this Convention. Modernised CoE Convention 108 A data controller should be accountable for complying with measures which give effect to the principles stated above updated OECD Privacy Framework, 2013 So collection of personal data for a specific purpose = responsibility for the implementation of the privacy and data protection principles for that purpose The Data Protection Directive requires data controllers to observe a number of principles when they process personal data. These principles not only protect the rights of those about whom the data is collected ("data subjects") but also reflect good business practices that contribute to reliable and efficient data processing. - EU Directive 95/46/EC The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 ( accountability ) Art 5, GDPR

13 th March 2017!!! Privacy Summit ICANN 58

www.coe.int/dataprotection dataprotection@coe.int Peter Kimpian Data Protection Unit Human Rights and Rule of Law CONSEIL DE L'EUROPE - COUNCIL OF EUROPE tel : + 33(0) 3 90 21 58 51 Email: peter.kimpian@coe.int Thank you for your attention

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback