privacy – Page 11 – Panopticon

DATA PROTECTION IN EUROPE – JUDGMENT IN BAVARIAN BEER

Posted on 2nd July 2010 | by Anya Proops KC

On 29 June 2010, the European Court of Justice handed down an important judgment on how provisions within EU law which permit access to documents held by EU institutions are to be applied where the documents contain third party personal data – European Commission & United Kingdom v Bavarian Lager (Case C-28/08 P). The case involved an application for disclosure of a document held by the European Commission which recorded discussions on the application of certain beer import restrictions within the UK. A number of individuals were identified by name in the document. The application for disclosure was made by Bavarian Lager under EU Regulation 1049/2001 (the Access Regulation). The Access Regulation is designed to facilitate public access to documents held by EU institutions with a view to increasing their transparency and accountability. Importantly, like FOIA, the Access Regulation is, on its face, motive-blind (i.e. it does not require the applicant to establish a legitimate reason for accessing the information). The Commission provided the requested document, save that it redacted the names of certain individuals identified in the document. The key issue which arose in the case was whether, in deciding whether to release the names of the individuals in question, the Commission had been entitled to take into account whether Bavarian Lager had established that it had legitimate interests in receiving this particular data.

The Court of First Instance (now ‘the General Court’) held that: (a) particularly having regard to the motive blind nature of the Access Regulation, the Commission had erred in taking into account Bavarian Lager’s interests in receiving the information and (b) the names should be disclosed. On appeal by the Commission, the ECJ overturned the CFI’s judgment. In summary, the ECJ reached the following conclusions on the appeal:

(1) the CFI had erred because it had failed to have due regard to the way in which the Access Regulation effectively deferred to provisions contained in other EU legislation, particular Regulation 45/2001 which is specifically concerned with protecting individuals with regard to the processing of their personal data by EU institutions (“the DP Regulation”);

(2) the DP Regulation itself required consideration of the question of whether the applicant had a legitimate interest in receiving the particular personal data;

(3) accordingly, the Commission had not erred when it decided that Bavarian Lager had not established a legitimate interest in receiving the personal data contained in the documents;

(4) the data had been lawfully withheld by the Commission.

11KBW’s Jason Coppel appeared on behalf of the United Kingdom.

WATCH THIS SPACE

Posted on 30th June 2010 | by Timothy Pitt-Payne KC

The Coalition’s Programme for Government contains a great deal that is of interest to information lawyers: see here. But when and how will any of this be given legislative effect?

The Queen’s Speech was delivered on 25th May 2010. The website of the Prime Minister’s office gives a list of the proposed Bills , with further information about each one. Three of the proposed Bills have potential implications for information law.

(i) The Public Bodies (Reform) Bill will enhance the transparency and accountability of quangos: though it is not clear as yet whether enhanced information access rights will play a role in this.

(ii) The Decentralisation and Localism Bill will (among other matters) require public bodies to publish online the job titles of every member of staff and the salaries and expenses of senior officials.

(iii) The Freedom (Great Repeal) Bill is intended to cover a wide range of subjects, to be announced in due course: it may include an extension to the scope of FOIA, and also various provisions in relation privacy (e.g. relating to CCTV cameras, and the DNA database).

Of these Bills, it is the third that is likely to be much the most significant.

PRIVACY ACROSS THE POND

Posted on 25th June 2010 | by Anya Proops KC

On Thursday, the US Supreme Court unanimously held that a Police Chief did not violate a police officer’s 4^th amendment rights by reading personal text messages which the officer had send via a pager provided to him by his employer – see the judgment here. The 4^th amendment guarantees a person’s privacy, dignity, and security against arbitrary and invasive governmental acts. The text messages were sent on a pager provided by the officer’s employer, they included a number of sexually explicit messages. The texts were reviewed as part of a process of examining whether officers were using the pagers excessively for personal use. In a judgment which rejected a broad right of privacy for workers, the Supreme Court recognised that interferences with privacy may be justified where there is a reasonable suspicion that rules are being breached by the employee. Notably, the Supreme Court recognised that, in an age of fast-evolving technology, the law of privacy should develop flexibly rather than through the introduction of broad, rigid rules.

PATIENT INFORMATION – MADE FOR SHARING?

Posted on 17th June 2010 | by Timothy Pitt-Payne KC

Sharing patient information in the NHS has proved highly controversial. We posted about this subject here a while back. Now there’s a new report from UCL researchers, suggesting that two key recent NHS IT programmes for handling patient information have so far delivered only modest benefits. A short summary appears here, with links to the executive summary and the full report. A research paper based on the findings has been published in the BMJ.

The three year UCL project looked at the Summary Care Record (SCR) and at Healthspace, both introduced as part of the NHS National Programme for IT.

The SCR is an electronic summary of key health data, taken from GP records and other sources, and available to a range of NHS staff. According to the UCL report, very few people had chosen to opt out; less than 1% of those who had been sent the relevant information. But SCRs were not yet widely used; even where available, they were only accessed in 21% of clinical encounters. So far there was little evidence that SCRs improved patient safety or reduced consultation length or hospital admissions.

HealthSpace is a tool that allows patients to update their own health information, plan healthcare appointments, and contact their GP via a secure internet connection. So far, take up has been very low. According to the UCL study only one person in 200 who was invited to open a basic account did so, and only one in 1000 opened an advanced account.

The report’s lead author, Professor Greenhalgh, is quoted as saying: “This reseach shows that the significant benefits anticipated for these programmes have, by and large, yet to be realised – and that they may be acheived only at high cost and enormous effort … It serves to demonstrate the wider dilemma of national databases: that scaling things up doesn’t necessarily make them more efficient or effective.”

PRIVACY IN THE DOCK

Posted on 10th June 2010 | by Anya Proops KC

It is a fundamental rule of our justice system that it should be administered in public (Attorney General v Leveller Magazine Ltd [1979] AC 440). In the criminal justice system this rule generally operates so as to require individuals who are charged with an offence to give their home address in open court. But what is the position if the accused claim that confirming their address in open court will expose them and their family to attack? Are they entitled to demand that their address be given in camera? This is an issue which was recently posed in the case of R(Harper) & Anor v Aldershot Magistrates Court & Anor [2010] EWHC 1319 Admin. In this case, two senior police officers who had been charged with the offence of misconduct in public office sought to judicially review a ruling of the Magistrates Court that they must each confirm their address in open court. The officers, who had been suspended from duty, claimed that the ruling was unlawful because there was a real and genuine fear of reprisal and the safety of the officers and their family was at risk. The Court rejected the claim on the basis that any fears which the officers may have had were unreasonable, particularly because publication of their address would not in fact enhance any risk that they faced (notably, the addresses could simply have been accessed through the electoral roll). In reaching the conclusion that the ruling was lawful, the Court took into account not least Lord Diplock’s judgment in Belfast Telegraph Newspaper Limited’s Application [1997] NI QBD 309. In that case, Lord Diplock held that information may be withheld in criminal proceedings on the basis that this was necessary to serve the public interest in the administration of justice but that it could not be withheld simply in the interest of protecting ‘the private welfare of those caught up in that administration’ (at page 314F). The Court in Harper noted that there might be circumstances in which the individual’s well-being may overlap with the administration of justice such that the information can be withheld in the public interest. However, these were not the facts of the instant case. Notably, there is no analysis in the judgment of the application of Article 8 ECHR. Nor further is there any explicit consideration of the rights of the families of the accused. Query what role these considerations would have played if the facts of Harper had been less clear-cut.

FROM BIG BROTHER SOCIETY TO BRAVE NEW WORLD?

Posted on 12th May 2010 | by Timothy Pitt-Payne KC

The Conservative/Lib Dem coalition agreements are available here. Under the heading “Civil Liberties” there are a number of points that should interest readers of this blog. These include:

* the scrapping of the ID cards scheme, the National Identity Register, the next generation of biometric passports and the Contact Point database;

* outlawing the fingerprinting of children at school without parental permission;

* extending FOIA to provide greater transparency;

* adopting the Scottish model for the DNA database;

* further regulation of CCTV; and

* ending the storage of internet and email records without good reason.

Taken together these suggest that information law issues will continue to be centre stage in political terms.

WordPress + Bootstrap

Tag: privacy