Out-Law News 1 min. read
19 Jul 2005, 11:47 am
The current EDPS is Peter Hustinx, formerly the President of Holland's national data protection authority. As EDPS he is responsible for monitoring the processing of personal data by the Community institutions and bodies.
"The protection of the privacy of an individual is an important ground for exception to the right to information. However, this does not mean that public access should be automatically refused if a document contains personal data," said Mr Hustinx. "Transparency and privacy are both fundamental rights and one does not prevail over the other. A careful consideration of both principles is the key to an appropriate solution."
Mr Hustinx’s recent publication is the first in a series due to be published by the regulator.
He recommends that when dealing with public access to documents containing personal data, it is imperative that the responsible officials make a concrete and individual examination of the specific document.
Firstly, says Hustinx, disclosure can only be refused if the privacy of an individual is at stake, as is generally the case when the document contains sensitive data, relates to the reputation of a person, could reveal embarrassing facts, could misrepresent the individual in some way, or contains information that was given confidentially.
Secondly, the negative effect of disclosure of someone's personal data must be substantial – generally involving factual, and not simply superficial harm.
Thirdly, the request must be examined to see if disclosure is permitted under data protection laws. For example, is the disclosure proportionate? Or is it compatible with the purposes for which the information was originally collected?
According to the EDPS, the paper highlights the background and importance of both transparency and privacy and guides the reader through the process of consideration. Examples from the EU institutions help to make the topic more concrete.
It also includes a checklist for officials.
