Rb. Amsterdam - C/13/673049 / HA RK 19-338
From GDPRhub
| Rb. Amsterdam - C/13/673049 / HA RK 19-338 | |
|---|---|
 | |
| Court: | Rb. Amsterdam (Netherlands) |
| Jurisdiction: | Netherlands |
| Relevant Law: | Article 4(1) GDPR Article 15 GDPR |
| Decided: | 09.04.2020 |
| Published: | 10.11.2020 |
| Parties: | Stichting Jeugdbescherming regio Amstedam |
| National Case Number/Name: | C/13/673049 / HA RK 19-338 |
| European Case Law Identifier: | ECLI:NL:RBAMS:2020:2250 |
| Appeal from: | |
| Appeal to: | Unknown |
| Original Language(s): | Dutch |
| Original Source: | de Rechtspraak (in Dutch) |
| Initial Contributor: | Patrick Schreurs |
Dutch district court holds that internal notes and correspondence which can be qualified as personal thoughts from employees which are only intended for internal consultation and deliberation, can not be qualified as personal data in the sense of the GDPR.
English Summary
Facts
A minor has been placed under supervision of the Amsterdam Centre for Youth and Family (Stichting Jeugdbescherming regio Amsterdam; the defendant). The mother (plaintiff) requests a copy of the complete file from the defendant containing her personal data. The defendant provides the requested data, but removes some phrases and didn’t provide internal notes.
Dispute
Are internal notes and correspondence containing personal data subject to article 15 GDPR?
Holding
The court ruled that the plaintiff did not provide enough indications to contradict the statement of the defendant that the removed phrases did not contain personal data. The request to provide the removed phrases is denied.
The court rules that the internal notes and correspondence must be qualified as personal thoughts from employees which are only intended for internal consultation and deliberation and therefor can’t be qualified as personal data in the sense of the GDPR. Besides, the purpose of the request is not consistent with the purpose of article 15 GDPR. The request was made in relation to a family dispute, while the purpose of article 15 GDPR is to enable data subjects to verify whether their personal data is correct and to verify whether their personal data is processed lawfully. The request is denied.
Comment
The request was also based on a national juvenile law (Jeugdwet). This part is not covered in this summary.
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the Dutch original. Please refer to the Dutch original for more details.
Authority Court of Amsterdam Date of judgment 09-04-2020 Date of publication 10-11-2020 Case number C / 13/673049 / HA RK 19-338 Jurisdictions Civil rights Special characteristics First instance - single Content indication Rejection of a request for copies of documents submitted against Youth Protection on the basis of Article 7.3.10 Youth Act and Article 15 GDPR. Locations Rechtspraak.nl Enriched pronunciation Statement decision COURT OF AMSTERDAM Private Law Department case number / application number: C / 13/673049 / HA RK 19-338 Order of April 9, 2020 in the case of [applicant] , residing in [residence], applicant, authorized WE van Bentem in Garrelsweer, against 1. the foundation FOUNDATION YOUTH PROTECTION REGION AMSTERDAM , Located in Amsterdam, defendant, lawyer mr. JK van den Heuvel in Amsterdam, 2. [interested party] , residing in [residence], interested party, attorney DH Bialkowski in Amsterdam. The parties are hereinafter referred to as [applicant], Youth Protection and [interested party]. 1The procedure 1.1. The course of the procedure is evidenced by: - the application with appendices, received at the registry on 1 October 2019, - the letter of 30 October 2019 from Youth Protection with a copy of the letter of 29 October 2019 from Youth Protection to [applicant], - the letter of 22 December 2019 on behalf of [applicant], - the decision of January 30, 2020 in which an oral hearing has been determined, - the deed with appendices from Youth Protection, received on February 14, 2020, - the official report of the oral hearing held on 26 February 2020 and the (procedural) documents mentioned therein. 2The facts 2.1. [Applicant] has had a registered partnership with [interested party]. They are the parents in charge of the minor children [minor 1] (15 years) and [minor 2] (13 years). There are divorce issues. Several and lengthy proceedings are pending between [applicant] and [interested party], including on custody of the children. 2.2. By order of 12 December 2018 of this court, the children were placed under the supervision of the Youth Protection Agency (hereinafter: the family supervision order, also known as OTS). The OTS was last extended by decision of 11 October 2019 to 11 December 2020. 2.3. In the context of its involvement with the family, the Youth Protection Agency has created a client file as referred to in Article 7.3.8 Youth Act (hereinafter: the client file). Mr [name of family manager] is the family manager on behalf of Youth Protection, Ms [name of team manager] is team manager. 2.4. In a letter of 3 June 2019 to the Directorate of Youth Protection, [applicant] pursuant to Article 15 of the GDPR (Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on free movement of those data, OJ EU L 119/1) and Article 7.3.10 of the Youth Act, submitted a request to send a complete copy of the files that have been created by Youth Protection regarding assistance in the compulsory framework and currently enforced framework (OTS) these relate to the children and [applicant]. 2.5. After [applicant] submitted her petition, [name of team manager] informed [applicant] in a letter dated 29 October 2019 on behalf of Youth Protection that her request of 3 June 2019 unfortunately did not reach the family manager. She also invited [the applicant] to come and inspect the client file, with due observance of the applicable privacy rules, to ask any questions about the file to the family manager / team manager concerned and to receive a copy of the file documents, if desired. 2.6. On 5 November 2019, the representative of [applicant] informed the Youth Protection Agency that [applicant] does not wish to make use of the offer to inspect the file and that she only wishes to receive a copy of the file. 2.7. By letter of 19 November 2019, the Youth Protection Agency provided [applicant] with a table of contents of the documents present in the file and a quantity of documents. In the letter, Youth Protection wrote that it concerns a copy of the client file that, in accordance with art. 7.3.8. Youth Act has been set up. 2.8. By e-mail of 4 December 2019, [applicant] informed the Youth Protection Agency that it cannot be deduced from the table of contents which file documents have not been provided to her, and that the file provided is incomplete, pointing to some documents that are allegedly missing. 2.9. By e-mail of 16 December 2019, [name of team manager] responded on behalf of Youth Protection to the documents mentioned by [applicant] and wrote that all e-mail correspondence addressed to [applicant] in copy was not provided, because [applicant] had already known is with its content. She also wrote in the letter that the Youth Protection Agency is happy to enter into a dialogue with [applicant]. 2.10. In a letter dated 22 December 2019, the representative of [the applicant] informed the court that the Youth Protection Agency had partly implemented the request for access, but did not make it clear which data that did fall under the right of access had not been provided, and he requested a determine oral hearing. 2.11. On 20 February 2020, the Youth Protection Agency provided a large number of documents totaling 2,944 pages to [applicant]. A copy of all e-mail correspondence sent in copy to [applicant] was also attached to these documents. 3The request 3.1. [Applicant] requests, by provisionally enforceable decision, that Youth Protection should be ordered within two weeks to [applicant]: in current digital form, a certified copy of the file created by Youth Protection in the context of the implementation of the OTS [to be provided, rb]; on the basis of Article 15, paragraph 3 of the GDPR, to provide a copy of all personal data concerning her and the children that are not included in the file as referred to in Article 7.3.8, paragraph 1 of the Youth Act, including all data that appear in digital messages, including emails, text messages and Whatsapp messages; to communicate the origin of personal data concerning her and the children, insofar as these origin data are not already apparent from the data to be provided in copies pursuant to the main convictions under 1 and 2; to notify the recipients of personal data concerning her and the children, insofar as these receipt data do not already appear from the data to be provided in copies pursuant to the main convictions under 1 and 2; to determine that for each day that it fails to comply with (one of) the convictions, Youth Protection will forfeit a penalty of € 5,000, with an order from Youth Protection to pay the costs of the proceedings. 3.2. Youth Protection puts forward a defense and contends that the request for access should be rejected, with [applicant] being ordered to pay the costs of the proceedings. 3.3. The arguments of the parties are discussed in more detail below, where necessary. 4The assessment 4.1. The request pertains to access to the client file on the basis of Article 7.3.10 of the Youth Act, as well as to all documents that do not belong to the client file and in which personal data of [applicant] have been processed, in that case on the basis of Article 15 GDPR in consistency with Article 12 GDPR. 4.2. When assessing [the applicant's] request, it is first of all important whether and to what extent Youth Protection has already complied with her request. In that context, the court establishes the following, which can be deduced from the facts presented. 4.3. In response to the petition, the Youth Protection Agency invited [petitioner] to inspect the client file, during which time there was the opportunity to ask questions to the family manager and to receive copies of documents. [Applicant] declined this invitation and instead claimed a copy of the client file. 4.4. The Youth Protection Agency subsequently provided a number of documents, in its own words the client file, to [the applicant] with a list of contents. The parties subsequently corresponded about this, after which [the applicant] concluded that the Youth Protection Agency did not make it clear which documents were missing from the file provided, and that it persisted in its application. The Youth Protection Agency subsequently sent a large number of documents to [the applicant] four days before the hearing. This file also contains the e-mail correspondence that was already known to [the applicant]. For that reason, Youth Protection had not included this in the file previously provided. 4.5. This raises the question whether Youth Protection has complied with [the applicant's] request with the second file provided. 4.6. During the session, the debate between the parties on this question was further developed. Youth Protection has explained that it has not provided a copy of internal notes and correspondence and correspondence with its lawyer. The Youth Protection further explained that a communication from [minor 2] in an e-mail dated 14 October 2019 from [interested party] to Youth Protection (hereinafter: the painted part) in order to protect the interests of [minor 2]. 4.7. [Applicant] has argued that in view of the late date of the submission of the large number of documents - four days before the hearing - it did not have enough time to verify whether the file provided by Youth Protection is now complete. [Applicant] explained at the hearing that her suspicion of Youth Protection arose because she found in the previously submitted file a draft request to remove her from parental authority. According to [applicant], this shows that Youth Protection acts behind her back. According to [applicant], the Youth Protection Agency cannot appeal to the internal defense of memorandum, given the case law of the Administrative Jurisdiction Division of the Council of State. With regard to the part that has been painted away, the appeal on the ground for refusal is unjustified, or at least the court must test the merits of this appeal by means of inspection, according to [applicant]. the request under the Youth Act 4.8. The first basis for the request of [applicant] concerns Article 7.3.10 of the Youth Act and the right of inspection laid down therein. 4.9. Article 7.3.8 of the Youth Act reads as follows: The youth care provider sets up a file regarding the provision of youth care. He / she keeps a note in the file of the information about the growing up and upbringing problems, psychological problems and disorders and the activities performed in this respect and records other information therein, all this insofar as this is necessary for proper assistance to the person concerned. . If requested, the youth care provider will add a statement issued by the person concerned to the file. Without prejudice to the provisions of Article 7.3.9, the youth care provider will keep the file for twenty years, to be counted from the time when the last change in the file took place, or for as much longer as reasonably ensues from the care of a good youth care provider. 4.10. Article 7.3.10 of the Youth Act reads as follows: Upon request, the youth care provider will provide the person concerned with access to and a copy of the data from the file. The provision will not be made insofar as this is necessary in the interest of protecting the privacy of another person. 4.11. The court finds that it follows from these provisions that [the applicant] as a parent with custody of the children is in principle entitled to the complete client file of Youth Protection. internal correspondence and notes 4.12. Youth Protection has rightly argued that internal notes and correspondence outside the client file as referred to in Article 7.3.8. fall under the Youth Act. Nor has [the applicant] disputed this. the painted part 4.13. The parties agree that the painted part does in principle belong to the client file. When this information is withheld, however, Youth Protection relies on the second sentence of Article 7.2.10 of the Youth Act, which prescribes that disclosure is not made to the extent necessary in the interest of protecting the privacy of another person. Youth Protection has explained that the quoted communication from [minor 2] in the e-mail concerned has been concealed because it is confidential. Sharing this communication would infringe her privacy and detract from the care of a good care provider to be observed by Youth Protection. The court considers this explanation from Youth Protection to be sufficient.It also takes into account that a single communication is involved in a very extensive file. other pieces? 4.14. [Applicant] has further argued that she has reason to assume that the Youth Protection Agency has not provided her with the complete file. In doing so, she referred to the draft request that she found in the file. The court considers that it cannot follow from the fact that a document is present in the file provided that not all documents from the client file have been provided. 4.15. [Applicant] also pointed to the fact that shortly before a hearing in family law proceedings she received a report expressing the suspicion that there was 'parentification'. [Applicant] is surprised that such an important suspicion does not appear anywhere in the correspondence of Youth Protection. According to her, this indicates that this correspondence is being withheld. However, [name of family manager] explained on this point at the hearing that he received the report in question at the same time as [the applicant]. This refutes [the applicant's] presumption. In addition, Youth Protection has explained that its working method is that family situations are mainly discussed in consultation structures.In that light, too, certain subjects do not necessarily have to be laid down in correspondence. Because of this explanation, the court sees no reason for the suspicion of [applicant] that the complete file has not been provided. 4.16. Finally, [applicant] argued that the file provided was compiled by the Youth Protection itself and not by an independent party. However, that is not a requirement set by law. Youth Protection is subject to the obligations as set out above and the court has to assess whether these have been met. 4.17. On the basis of all the foregoing, the conclusion is that the Youth Protection Agency has complied with the request of [applicant] insofar as it is based on Article 7.3.10 of the Youth Act. the request based on GDPR 4.18. The second basis for the request of [applicant] concerns Article 15 GDPR in conjunction with Article 12 GDPR. The GDPR is the successor to Directive 95/46 / EC of the European Parliament and of the Council of 24 October 1995 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: the Personal Data Directive ), as implemented in the Personal Data Protection Act (hereinafter: the Wbp). 4.19. According to paragraph 1 of Article 15 of the GDPR, [applicant] has the right to obtain from (the controller) Youth Protection whether or not it processes personal data and, if that is the case, to obtain access to those personal data and of the (inter alia and insofar as relevant here) following information: a. a) the purposes of the processing; b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations; d) if possible, the expected period for which the personal data will be stored or, if that is not possible, the criteria for determining that period; (e) where the personal data are not collected from the data subject, all available information on the source of that data. According to Article 15 (3) GDPR, the controller must provide the data subject with a copy of the personal data being processed. Article 12 (1) of the GDPR stipulates that the data subject receives such information in a concise, transparent, comprehensible and easily accessible form and in clear and plain language. 4.20. The right of access was previously laid down in Article 12 of the Personal Data Directive. The purpose of that right of access was to enable the data subject to become aware of the personal data collected about him and to check whether those data are correct and have been processed lawfully. There are no indications that under the GDPR the objective and scope of this right of access has changed compared to the Personal Data Directive. The court therefore takes the starting point that the rulings of the Court of Justice of the European Union (CJEU) and the Supreme Court that were rendered on the right of access at the time of the Personal Data Directive also apply now that the GDPR is in force. 4.21. Article 15 of the GDPR shows that the right of access is limited to personal data. The interpretation of the term 'personal data' therefore determines the scope of the right of inspection. Pursuant to Article 4 (1) of the GDPR, personal data is 'all information about an identified or identifiable natural person'. The CJEU provides a broad explanation of the term “personal data”. The CJEU has considered that the concept of personal data is not limited to sensitive or personal information but potentially extends to any type of information, both objective and subjective information in the form of opinions or assessments, provided that this information concerns the data subject. The latter condition is fulfilled when the information, because of its content,purpose or effect is related to a particular person and with which that person is reasonably identifiable to another person (CJEU 20 December 2017, C-434/16, “Nowak”, ECLI: EU: C: 2017: 994). 4.22. Furthermore, relevant for the assessment of the request is the judgment of the CJEU of 17 July 2014 (C-141/12 and C-371/12, “IND”, ECLI: EU: C: 2014: 2081). In this case, the CJEU considered - in short - that a legal analysis may contain personal data, but does not in itself constitute such data within the meaning of Article 2 (a) of the Personal Data Directive. Unlike the data that may form the factual basis for the legal analysis, such an analysis itself cannot be checked for accuracy by the data subject and corrected. The Personal Data Directive does not cover this. In its judgment of 16 March 2018 (ECLI: NL: HR: 2018:365), the Supreme Court - with reference to the considerations of the CJEU in this judgment - considered that the Personal Data Directive implemented by the Wbp enables the data subject to check whether his personal data are correct and have been processed lawfully, in order to protect of the right of the data subject to respect for his privacy. This check can then lead to rectification, erasure or blocking of the data. The claim in those proceedings was aimed at obtaining information for the purpose of legal proceedings and not the purpose for which the Personal Data Directive serves, so that, according to the Supreme Court, there was no personal data within the meaning of the Personal Data Directive.enables the data subject to verify that their personal data are correct and have been lawfully processed, in order to protect the data subject's right to respect for their privacy. This check can then lead to rectification, erasure or blocking of the data. The claim in those proceedings was aimed at obtaining information for the purpose of legal proceedings and not the purpose for which the Personal Data Directive serves, so that according to the Supreme Court there was no personal data within the meaning of the Personal Data Directive.enables the data subject to verify that their personal data are accurate and have been lawfully processed, in order to protect the data subject's right to respect for their privacy. This check can then lead to rectification, erasure or blocking of the data. The claim in those proceedings was aimed at obtaining information for the purpose of legal proceedings and not the purpose for which the Personal Data Directive serves, so that, according to the Supreme Court, there was no personal data within the meaning of the Personal Data Directive.The claim in those proceedings was aimed at obtaining information for the purpose of legal proceedings and not the purpose for which the Personal Data Directive serves, so that according to the Supreme Court there was no personal data within the meaning of the Personal Data Directive.The claim in those proceedings was aimed at obtaining information for the purpose of legal proceedings and not the purpose for which the Personal Data Directive serves, so that, according to the Supreme Court, there was no personal data within the meaning of the Personal Data Directive. 4.23. In decisions of 29 June 2007, the Supreme Court ruled that internal memos containing the personal thoughts of employees and which are exclusively intended for internal consultation and deliberation are in principle not part of a 'file' and for that reason outside the scope of the right of access (HR 29 June 2007, ECLI: NL: HR: 2007: AZ4663 (Dexia / respondent S.), ECLI: NL: HR: 2007: AZ4664 (Dexia / respondent N.) and ECLI: NL: HR : 2007: BA3529 (HBU / Respondent G.). 4.24. Applying the aforementioned rules and case law, the court assesses [the applicant's] request as follows. In addition, the request only relates to the information that is not part of the file that has already been provided to [applicant]. At the hearing, [applicant] explained that her request for inspection still pertains to the painted-away part and the internal correspondence and notes of the Youth Protection Agency. the painted part 4.25. The parties argue about the question whether the painted part falls under the right of inspection of the GDPR. The court finds that the attorney of [interested party] stated during the hearing that nothing is mentioned in the painted-away part that can be traced back to [applicant]. Now that there are no indications to the contrary, the court assumes its correctness. This means that there is no personal data of [applicant] within the meaning of the GDPR, to which the right of inspection is limited. Since there is no further evidence that [the applicant] would have filed her request for inspection also on behalf of [minor 2], the request for inspection of the painted part will be rejected. internal correspondence and notes 4.26. [Applicant] has argued that internal notes and correspondence from Youth Protection fall under the right of inspection of Article 15 GDPR. Youth protection has disputed this. 4.27. Although it can be assumed that internal notes (if available in the file) and internal correspondence from Youth Protection may contain personal data of [the applicant], these documents cannot as such be qualified as personal data within the meaning of the GDPR. After all, the requested data can be regarded as information that contains the personal thoughts of employees and that is exclusively intended for internal consultation and deliberation. Insofar as this information is processed in reports or reports, it will become part of the client file that [applicant] has access to on the basis of the Youth Act. In view of the rulings of the CJEU and the Supreme Court referred to above under 4.22, such data cannot be regarded as personal data within the meaning of Article 4 paragraph 1 GDPR, because these (internal) documents are not in themselves data about [applicant]. This is also apparent from the fact that those documents as such cannot be checked by [the applicant] for their correctness or corrected. The same applies to the requested access to text messages and Whatsapp messages. 4.28. In addition, the request for access by [applicant] is not consistent with the purpose and purport of the GDPR. The person whose data is being processed has - in view of the protection of the right to respect for privacy with regard to the processing of that data - the right of access in order to check whether his personal data are correct and are being processed lawfully. It can be deduced from the documents and the explanations given by [applicant] at the hearing that her request for access is the result of a mistrust of Youth Protection and her ex-partner [interested party] that arose in her family law proceedings; she suspects that not all information is shared with her and that matters are decided behind her back.Her request is apparently aimed at retrieving information unknown to her by means of the request for access with a view to those family law proceedings and at the same time confirming that her mistrust is justified. 4.29. It goes without saying that the family law proceedings are extremely precarious for [applicant] and [interested party], as they concern the welfare of their children and their custody of the children. This does not alter the fact that it has not become plausible from [the applicant's] explanation that she wishes to inspect the personal data processed by Youth Protection in order to verify the correctness and lawfulness of the processing thereof. The court therefore concludes that [applicant] uses the GDPR and the right to access personal data under certain conditions for a purpose other than the one intended by the GDPR. 4.30. The conclusion is that the [applicant's] requests should be rejected. In the absence of any conviction, there is no reason to impose the penalty payment also requested (under e). litigation costs 4.31. Both parties have each requested that the other party be ordered to pay the costs of the proceedings. [Applicant] has correctly pointed out in itself that the Youth Protection Agency did not respond to the request for access until the petition was submitted by [applicant] on 1 October 2019. On the other hand, [applicant] subsequently declined several invitations from Youth Protection to come and inspect the file and persisted in her request, even after Youth Protection had provided a copy of the client file. The decisive factor, however, is that, as considered above, the request for access served a different purpose than the purpose pursued by the right of access. The court sees this as a reason to order [applicant] to pay the legal costs of the Youth Protection Agency. 4.32. The costs on the side of Youth Protection have so far been estimated at: - court fee € 639 - lawyer salary € 1,086 (2 points × rate € 543) total € 1.725 4.33. Now that [the applicant] is being ordered to pay the costs of the proceedings, the court no longer sees any reason to decide on the request from Youth Protection not to charge her a court fee. 5The decision The court 5.1. declines the request, 5.2. orders [applicant] to pay the costs of the proceedings, estimated to date on the part of Youth Protection at € 1,725. This decision was given by mr. MCH Broesterhuizen, judge, assisted by mr. PCN van Gelderen, registrar, and pronounced in public on April 9, 2020. The Registrar is unable to sign this order.
