APDCAT (Catalonia) - PD 6/2021: Difference between revisions

From GDPRhub
(Created page with "{{DPAdecisionBOX |Jurisdiction=Spain |DPA-BG-Color= |DPAlogo=Apdcat-logo.png |DPA_Abbrevation=APDCAT (Catalonia) |DPA_With_Country=APDCAT (Catalonia) |Case_Number_Name=PD 6/...")
 
No edit summary
 
(3 intermediate revisions by 2 users not shown)
Line 10: Line 10:
|ECLI=
|ECLI=


|Original_Source_Name_1=Informe en relació amb l'Avantprojecte de llei orgànica per la qual s'estableixen normes que facilitin l'ús d'informació financera i d'altre tipus per a la prevenció, detecció, investigació o enjudiciament d'infraccions penals.
|Original_Source_Name_1=APDCAT
|Original_Source_Link_1=https://apdcat.gencat.cat/ca/documentacio/resolucions-dictamens-i-informes/cercadorOn/cercador-detall/PD-6-2021-00001
|Original_Source_Link_1=https://apdcat.gencat.cat/web/.content/Resolucio/Resolucions_Cercador/Dictamens/2021/Documents/ca_pd_2021_006-catala.pdf
|Original_Source_Language_1=Catalan, Valencian
|Original_Source_Language_1=Catalan
|Original_Source_Language__Code_1=CA
|Original_Source_Language__Code_1=CA


Line 51: Line 51:


|Initial_Contributor=Mohamed Siddibeh Kurubally
|Initial_Contributor=Mohamed Siddibeh Kurubally
|
|}}
}}


In the general issues section, the DPA points that the proposed law does not let to know clearly which personal data of the financial ownership file will be accessible for the competent authorities as well as which data will be excluded.
The Catalan DPA issued an opinion on the transposing law for the Directive (EU) 2019/1153, emphasizing, among others, the importance of implementing adequate measures to guarantee the security of the data, the necessity principle, and the data minimization principle.
In the third section, it’s pointed that the article 7.1 does not concurs with the principle of data minimization, and to solve this, a new redaction is proposed.
In the same section it is mentioned the need to add that every article should remark that the share of information will be carried out with the adoption of those technical and organizational measures necessary to guarantee data security.
Related to data protection section, the Authority notes an amendment to the sentence “as needed” for “when indispensable” to strengthen the exceptionality for the process of special categories of personal data.
It is finally suggested another amendment remarking the individualization and the technical formation for the  people who will process the data.


== English Summary ==
== English Summary ==


=== Facts ===
=== Facts ===
Catalan DPA authority issued an opinion from the request of the Ministry of the Interior in order to evaluate a proposed Law.
The Catalan DPA issued an opinion at the request of the Ministry of the Interior in order to evaluate the Law proposal that will transpose the Directive (EU) 2019/1153, laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences.
=== Holding ===
In the about general issues, the DPA pointed out that the law proposal does not clearly state which personal data of the financial ownership file will be accessible for the competent authorities as well as which data will be excluded, and that some necessary definitions are missing.


=== Dispute ===
In the next sections, it is pointed out that Article 7(1) does not concur with the principle of data minimization, so a new redaction is proposed.


It is also mentioned that a remark regarding that the sharing of information shall be carried out with the implementation of the necessary technical and organizational measures to guarantee the security of the data needs to be added for every article.


=== Holding ===
With regards to the data protection section, the DPA laid down an amendment changing the sentence “when necessary” for “when indispensable”, in order to strengthen the exceptionality for the processing of special categories of personal data.
The proposed law intends to facilitate the use of financial and other information for the prevention, detection, investigation or prosecution of criminal offences.
 
This regulation will become the transposition of the Directive (EU) 2019/1153.
Another amendment remarking the individualization and the technical training of the people who will process the data is lastly suggested.
Regarding the Authority considerations, the opinion it is structured in five sections, a first section about general issues, a second about access to the financial ownership file by the competent authorities, a third about share of information and financial analysis, forth about data protection and fifth about data protection.


== Comment ==
== Comment ==

Latest revision as of 08:59, 18 August 2021

APDCAT (Catalonia) - PD 6/2021
Apdcat-logo.png
Authority: APDCAT (Catalonia)
Jurisdiction: Spain
Relevant Law:
Directive (EU) 2019/1153
Directive (EU) 2015/849
LO 7/2021
Ley 10/2010
Type: Advisory Opinion
Outcome: n/a
Started:
Decided: 22.07.2021
Published: 22.07.2021
Fine: None
Parties: n/a
National Case Number/Name: PD 6/2021
European Case Law Identifier: n/a
Appeal: n/a
Original Language(s): Catalan
Original Source: APDCAT (in CA)
Initial Contributor: Mohamed Siddibeh Kurubally

The Catalan DPA issued an opinion on the transposing law for the Directive (EU) 2019/1153, emphasizing, among others, the importance of implementing adequate measures to guarantee the security of the data, the necessity principle, and the data minimization principle.

English Summary

Facts

The Catalan DPA issued an opinion at the request of the Ministry of the Interior in order to evaluate the Law proposal that will transpose the Directive (EU) 2019/1153, laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences.

Holding

In the about general issues, the DPA pointed out that the law proposal does not clearly state which personal data of the financial ownership file will be accessible for the competent authorities as well as which data will be excluded, and that some necessary definitions are missing.

In the next sections, it is pointed out that Article 7(1) does not concur with the principle of data minimization, so a new redaction is proposed.

It is also mentioned that a remark regarding that the sharing of information shall be carried out with the implementation of the necessary technical and organizational measures to guarantee the security of the data needs to be added for every article.

With regards to the data protection section, the DPA laid down an amendment changing the sentence “when necessary” for “when indispensable”, in order to strengthen the exceptionality for the processing of special categories of personal data.

Another amendment remarking the individualization and the technical training of the people who will process the data is lastly suggested.

Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Catalan, Valencian original. Please refer to the Catalan, Valencian original for more details.










PD 6/2021

22/07/2021


Report on dispositions



SECTORAL AREACriminal court








Download


PD 6/2021 [307.24 kB]