CE - 466856: Difference between revisions
(Created page with "{{COURTdecisionBOX |Jurisdiction=France |Court-BG-Color= |Courtlogo=Courts_logo1.png |Court_Abbrevation=CE |Court_Original_Name=Conseil d'Etat |Court_English_Name=Supreme Administrative Court |Court_With_Country=CE (France) |Case_Number_Name=466856 |ECLI=ECLI:FR:CECHS:2023:466856.20230626 |Original_Source_Name_1=Légifrance |Original_Source_Link_1=https://www.legifrance.gouv.fr/ceta/id/CETATEXT000047745229?juridiction=CONSEIL_ETAT&juridiction=COURS_APPEL&page=1&pageSi...") |
No edit summary |
||
| Line 67: | Line 67: | ||
A data subject was registered in the information system of the company Verifone (controller). After changing her identity, she requested a court in the USA to order the rectification of her customer account data (surname, first name, email) and other documents such as orders. The court refused, and the data subject referred the matter to the CNIL. | A data subject was registered in the information system of the company Verifone (controller). After changing her identity, she requested a court in the USA to order the rectification of her customer account data (surname, first name, email) and other documents such as orders. The court refused, and the data subject referred the matter to the CNIL. | ||
The CNIL contacted the controller to ask it to rectify the data subject's customer account data, which it did for the customer account data but not for the other documents. The CNIL considered that the documents drawn up before the change of identity did not need to be rectified because the change of identity | The CNIL contacted the controller to ask it to rectify the data subject's customer account data, which it did for the customer account data but not for the other documents. The CNIL considered that the documents drawn up before the change of identity did not need to be rectified retroactively because the change of identity happened later. It considered that the data could not be considered as inaccurate since they were accurate at the time and for the purpose of the processing. These documents therefore did not contain any inaccuracies that should have been corrected under [[Article 16 GDPR|Article 16 GDPR]]. | ||
The data subject took the CNIL's decision to the Conseil d'Etat ( | The data subject took the CNIL's decision to the Conseil d'Etat (Supreme administrative court). | ||
=== Holding === | === Holding === | ||
Revision as of 12:11, 10 July 2023
| CE - 466856 | |
|---|---|
 | |
| Court: | CE (France) |
| Jurisdiction: | France |
| Relevant Law: | Article 16 GDPR |
| Decided: | 26.06.2023 |
| Published: | |
| Parties: | |
| National Case Number/Name: | 466856 |
| European Case Law Identifier: | ECLI:FR:CECHS:2023:466856.20230626 |
| Appeal from: | CNIL |
| Appeal to: | Unknown |
| Original Language(s): | French |
| Original Source: | Légifrance (in French) |
| Initial Contributor: | n/a |
The French Supreme administrative court held that the right to rectification can be used to rectify data after an identity change but not retroactively to rectify documents prior to the identity change.
English Summary
Facts
A data subject was registered in the information system of the company Verifone (controller). After changing her identity, she requested a court in the USA to order the rectification of her customer account data (surname, first name, email) and other documents such as orders. The court refused, and the data subject referred the matter to the CNIL.
The CNIL contacted the controller to ask it to rectify the data subject's customer account data, which it did for the customer account data but not for the other documents. The CNIL considered that the documents drawn up before the change of identity did not need to be rectified retroactively because the change of identity happened later. It considered that the data could not be considered as inaccurate since they were accurate at the time and for the purpose of the processing. These documents therefore did not contain any inaccuracies that should have been corrected under Article 16 GDPR.
The data subject took the CNIL's decision to the Conseil d'Etat (Supreme administrative court).
Holding
The Conseil d'Etat considered that the CNIL correctly applied Article 16 GDPR and therefore upheld the CNIL's decision.
Comment
Share your comments here!
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the French original. Please refer to the French original for more details.
