APDCAT (Catalonia) - PD 6/2021: Difference between revisions

From GDPRhub
No edit summary
 
(One intermediate revision by one other user not shown)
Line 12: Line 12:
|Original_Source_Name_1=APDCAT
|Original_Source_Name_1=APDCAT
|Original_Source_Link_1=https://apdcat.gencat.cat/web/.content/Resolucio/Resolucions_Cercador/Dictamens/2021/Documents/ca_pd_2021_006-catala.pdf
|Original_Source_Link_1=https://apdcat.gencat.cat/web/.content/Resolucio/Resolucions_Cercador/Dictamens/2021/Documents/ca_pd_2021_006-catala.pdf
|Original_Source_Language_1=Catalan, Valencian
|Original_Source_Language_1=Catalan
|Original_Source_Language__Code_1=CA
|Original_Source_Language__Code_1=CA


Line 53: Line 53:
|}}
|}}


The Catalan DPA issued an opinion on the transposing law for the Directive (EU) 2019/1153, emphasizing, among others, the importance of adequate measures to guarantee the security of the data, the necessity principle and the data minimization principle.
The Catalan DPA issued an opinion on the transposing law for the Directive (EU) 2019/1153, emphasizing, among others, the importance of implementing adequate measures to guarantee the security of the data, the necessity principle, and the data minimization principle.


== English Summary ==
== English Summary ==


=== Facts ===
=== Facts ===
The Catalan DPA issued an opinion at the request of the Ministry of the Interior in order to evaluate a Law proposal that transposes the Directive (EU) 2019/1153, laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences.
The Catalan DPA issued an opinion at the request of the Ministry of the Interior in order to evaluate the Law proposal that will transpose the Directive (EU) 2019/1153, laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences.
 
Regarding the DPA considerations, the opinion it is structured in five sections: a first section about general issues, a second about access to the financial ownership file by the competent authorities, a third about share of information and financial analysis, forth about data protection and fifth about data protection.
=== Holding ===
=== Holding ===
In the general issues section, the DPA pointed out that the law proposal does not let to know clearly which personal data of the financial ownership file will be accessible for the competent authorities as well as which data will be excluded.
In the about general issues, the DPA pointed out that the law proposal does not clearly state which personal data of the financial ownership file will be accessible for the competent authorities as well as which data will be excluded, and that some necessary definitions are missing.


In the third section, it’s pointed out that Article 7(1) does not concur with the principle of data minimization, and to solve this, a new redaction is proposed.
In the next sections, it is pointed out that Article 7(1) does not concur with the principle of data minimization, so a new redaction is proposed.


In the same section it is mentioned that it needs to be added for every article a remark that the sharing of information shall be carried out with the adoption of the necessary technical and organizational measures to guarantee the security of the data.
It is also mentioned that a remark regarding that the sharing of information shall be carried out with the implementation of the necessary technical and organizational measures to guarantee the security of the data needs to be added for every article.


With regard to the data protection section, the DPA noted an amendment to the sentence “as needed” for “when indispensable” to strengthen the exceptionality for the processing of special categories of personal data.  
With regards to the data protection section, the DPA laid down an amendment changing the sentence “when necessary” for “when indispensable”, in order to strengthen the exceptionality for the processing of special categories of personal data.  


It is finally suggested another amendment remarking the individualization and the technical training of the people who will process the data.
Another amendment remarking the individualization and the technical training of the people who will process the data is lastly suggested.


== Comment ==
== Comment ==

Latest revision as of 08:59, 18 August 2021

APDCAT (Catalonia) - PD 6/2021
Apdcat-logo.png
Authority: APDCAT (Catalonia)
Jurisdiction: Spain
Relevant Law:
Directive (EU) 2019/1153
Directive (EU) 2015/849
LO 7/2021
Ley 10/2010
Type: Advisory Opinion
Outcome: n/a
Started:
Decided: 22.07.2021
Published: 22.07.2021
Fine: None
Parties: n/a
National Case Number/Name: PD 6/2021
European Case Law Identifier: n/a
Appeal: n/a
Original Language(s): Catalan
Original Source: APDCAT (in CA)
Initial Contributor: Mohamed Siddibeh Kurubally

The Catalan DPA issued an opinion on the transposing law for the Directive (EU) 2019/1153, emphasizing, among others, the importance of implementing adequate measures to guarantee the security of the data, the necessity principle, and the data minimization principle.

English Summary

Facts

The Catalan DPA issued an opinion at the request of the Ministry of the Interior in order to evaluate the Law proposal that will transpose the Directive (EU) 2019/1153, laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences.

Holding

In the about general issues, the DPA pointed out that the law proposal does not clearly state which personal data of the financial ownership file will be accessible for the competent authorities as well as which data will be excluded, and that some necessary definitions are missing.

In the next sections, it is pointed out that Article 7(1) does not concur with the principle of data minimization, so a new redaction is proposed.

It is also mentioned that a remark regarding that the sharing of information shall be carried out with the implementation of the necessary technical and organizational measures to guarantee the security of the data needs to be added for every article.

With regards to the data protection section, the DPA laid down an amendment changing the sentence “when necessary” for “when indispensable”, in order to strengthen the exceptionality for the processing of special categories of personal data.

Another amendment remarking the individualization and the technical training of the people who will process the data is lastly suggested.

Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Catalan, Valencian original. Please refer to the Catalan, Valencian original for more details.










PD 6/2021

22/07/2021


Report on dispositions



SECTORAL AREACriminal court








Download


PD 6/2021 [307.24 kB]