RvS - 202203653/1/A3: Difference between revisions

From GDPRhub
No edit summary
 
(One intermediate revision by the same user not shown)
Line 51: Line 51:
|Party_Link_2=
|Party_Link_2=


|Appeal_From_Body=Rb. Midden-Nederland (NL)
|Appeal_From_Body=Rb. Midden-Nederland (Netherlands)
|Appeal_From_Case_Number_Name=21/3403
|Appeal_From_Case_Number_Name=21/3403
|Appeal_From_Status=
|Appeal_From_Status=
Line 64: Line 64:
}}
}}


A court held that the tax authority’s further processing of personal data, originally collected from the data subject’s tax advisor for the detection of criminal offences, was lawful.
A court held that the Tax Administration further processing of personal data, originally collected from the data subject’s tax advisor for the detection of criminal offences, was lawful.


== English Summary ==
== English Summary ==


=== Facts ===
=== Facts ===
The data subject’s personal data was processed by the Tax Authority because it suspected him of not fulfilling his tax obligations. This suspicion was raised after the Fiscal Information and Investigation Service (FIOD) had carried out a criminal investigation into the data subject’s tax advisor. During the investigation, the FIOD drew on the assistance of three employees of the Tax Authority and data on the customer's of the tax advisor under investigation, including the personal data of the data subject, were analysed during the proceedings. The data subject requested the erasure of their data under [[Article 17 GDPR|Article 17 GDPR]] but the request was rejected by the controller, the Minister of Finance. In the Netherlands, the Tax Authority forms part of the Ministry of Finance.  
The data subject’s personal data was processed by the Tax Administration because it suspected him of not fulfilling his tax obligations. This suspicion was raised after the Fiscal Information and Investigation Service (FIOD) had carried out a criminal investigation into the data subject’s tax advisor. During the investigation, the FIOD drew on the assistance of three employees of the Tax Administration and data on the customer's of the tax advisor under investigation, including the personal data of the data subject, were analysed during the proceedings. The data subject requested the erasure of their data under [[Article 17 GDPR|Article 17 GDPR]] but the request was rejected by the controller, the Minister of Finance. In the Netherlands, the Tax Administration forms part of the Ministry of Finance.  


The data subject argued that the Tax Authority is processing his personal data for a purpose other than the purpose for which the FIOD initially collected the data. The data subject appealed the Minister's decision to the District Court of Central Netherlands (''Rb. Midden-Nederlands'') which held that the controller had complied with both the requirements of the GDPR as well as the Law Enforcement Directive. The data subject appealed this decision to the Administrative Jurisdiction Division of the Council of State (''Afdeling Bestuursrechtspraak van de Raad van State – ABRvS'').
The data subject argued that the Tax Administration is processing his personal data for a purpose other than the purpose for which the FIOD initially collected the data. The data subject appealed the Minister's decision to the District Court of Central Netherlands (''Rb. Midden-Nederlands'') which held that the controller had complied with both the requirements of the GDPR as well as the Law Enforcement Directive. The data subject appealed this decision to the Administrative Jurisdiction Division of the Council of State (''Afdeling Bestuursrechtspraak van de Raad van State – ABRvS'').


=== Holding ===
=== Holding ===
The court determined that since the data had been collected for the purpose of the detection of criminal offences, it had to consider whether the disclosure of data by the FIOD to the Tax Authority was permissible. It stated that under [https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32016L0680 Article 9 of the Law Enforcement Directive], further processing of personal data is permissible if authorised by EU law. The court held that the further processing of data fell under the remit of the GDPR as the Tax Authority fulfills a task which is in the public interest.  
The court determined that since the data had been collected for the purpose of the detection of criminal offences, it had to consider whether the disclosure of data by the FIOD to the Tax Administration was permissible. It stated that under [https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32016L0680 Article 9 of the Law Enforcement Directive], further processing of personal data is permissible if authorised by EU law. The court held that the further processing of data fell under the remit of the GDPR as the Tax Administration fulfills a task which is in the public interest.  


The court reiterated the District Court’s position in that the provision of the personal data by the FIOD to the Tax Authority was necessary for the performance of a task of public interest as referred to in [[Article 6 GDPR#1e|Article 6(1)(e) GDPR]]. The court highlighted that the task cannot be performed in a less invasive way and that the data subject did not establish what alternatives could have been drawn upon. Further, the court stated that the data had been limited to what was necessary and that the involved employees were bound to secrecy.  
The court reiterated the District Court’s position in that the provision of the personal data by the FIOD to the Tax Administration was necessary for the performance of a task of public interest as referred to in [[Article 6 GDPR#1e|Article 6(1)(e) GDPR]]. The court highlighted that the task cannot be performed in a less invasive way and that the data subject did not establish what alternatives could have been drawn upon. Further, the court stated that the data had been limited to what was necessary and that the involved employees were bound to secrecy.  


Therefore, the court dismissed the appeal as being unfounded and held that the Minister correctly rejected the data subjects request for erasure of data.
Therefore, the court dismissed the appeal as being unfounded and held that the Minister correctly rejected the data subjects request for erasure of data.

Latest revision as of 14:20, 20 November 2024

RvS - 202203653/1/A3
Courts logo1.png
Court: RvS (Netherlands)
Jurisdiction: Netherlands
Relevant Law: Article 6 GDPR
Article 17 GDPR
Article 9 Directive 2016/680
Decided: 13.11.2024
Published: 13.11.2024
Parties:
National Case Number/Name: 202203653/1/A3
European Case Law Identifier: ECLI:NL:RVS:2024:4603
Appeal from: Rb. Midden-Nederland (Netherlands)
21/3403
Appeal to:
Original Language(s): Dutch
Original Source: de Rechtspraak (in Dutch)
Initial Contributor: Ao

A court held that the Tax Administration further processing of personal data, originally collected from the data subject’s tax advisor for the detection of criminal offences, was lawful.

English Summary

Facts

The data subject’s personal data was processed by the Tax Administration because it suspected him of not fulfilling his tax obligations. This suspicion was raised after the Fiscal Information and Investigation Service (FIOD) had carried out a criminal investigation into the data subject’s tax advisor. During the investigation, the FIOD drew on the assistance of three employees of the Tax Administration and data on the customer's of the tax advisor under investigation, including the personal data of the data subject, were analysed during the proceedings. The data subject requested the erasure of their data under Article 17 GDPR but the request was rejected by the controller, the Minister of Finance. In the Netherlands, the Tax Administration forms part of the Ministry of Finance.

The data subject argued that the Tax Administration is processing his personal data for a purpose other than the purpose for which the FIOD initially collected the data. The data subject appealed the Minister's decision to the District Court of Central Netherlands (Rb. Midden-Nederlands) which held that the controller had complied with both the requirements of the GDPR as well as the Law Enforcement Directive. The data subject appealed this decision to the Administrative Jurisdiction Division of the Council of State (Afdeling Bestuursrechtspraak van de Raad van State – ABRvS).

Holding

The court determined that since the data had been collected for the purpose of the detection of criminal offences, it had to consider whether the disclosure of data by the FIOD to the Tax Administration was permissible. It stated that under Article 9 of the Law Enforcement Directive, further processing of personal data is permissible if authorised by EU law. The court held that the further processing of data fell under the remit of the GDPR as the Tax Administration fulfills a task which is in the public interest.

The court reiterated the District Court’s position in that the provision of the personal data by the FIOD to the Tax Administration was necessary for the performance of a task of public interest as referred to in Article 6(1)(e) GDPR. The court highlighted that the task cannot be performed in a less invasive way and that the data subject did not establish what alternatives could have been drawn upon. Further, the court stated that the data had been limited to what was necessary and that the involved employees were bound to secrecy.

Therefore, the court dismissed the appeal as being unfounded and held that the Minister correctly rejected the data subjects request for erasure of data.

Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Dutch original. Please refer to the Dutch original for more details.