Activities of Kyriacos TRIANTAPHYLLIDES related to 2012/0011(COD)
Shadow opinions (1)
OPINION on the proposal for a regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)
Amendments (12)
Amendment 87 #
Proposal for a regulation
Recital 2
Recital 2
(2) The processing of personal data is designed to serve man; the principles and rules on the protection of individuals with regard to the processing of their personal data should, whatever the nationality or residence of natural persons, respect their fundamental rights and freedoms, notably their right to the protection of personal data. It should contribute to the accomplishment of an area of freedom, security and jusDuring the processing and transfer of data within the internal market, the right to protection of privacy and protection of personal data, as defined in Article and8 of an economic union, to economic and social progress, the strengthening and the convergence of the economies within the internal market, and the well-being of individualthe Charter of Fundamental Rights and in Article 16.2 TFEU, should be respected. The processing and transmission of data in the single market should be limited by the right to protection under Article 8 of the Charter of Fundamental Rights.
Amendment 88 #
Proposal for a regulation
Recital 4
Recital 4
(4) The process of economic and social integration resulting from the functioning of the internal market has led to a substantial increase in cross-border flows. The exchange of data between economic and social, public and private actors across the Union increased. National authorities in the Member States are being called upon by Union law to co-operate and exchange personal data so as to be able to perform their duties or carry out tasks on behalf of an authority in another Member State.
Amendment 89 #
Proposal for a regulation
Recital 6
Recital 6
(6) These developments require building a strong and more coherent data protection framework in the Union, backed by strong enforcement of legislation protecting personal data, given the importance to create the trust that will allow the digital economy to develop across the internal market. Individuals should have control of their own personal data and legal and practical certainty for individuals, economic operators and public authorities should be reinforced.
Amendment 91 #
Proposal for a regulation
Recital 7
Recital 7
(7) The objectives and principles of Directive 95/46/EC remain sound, but it has not prevented fragmentation in the way data protection is implemented across the Union, legal uncertainty and a widespread public perception that there are significant risks for the protection of individuals associated notably with online activity. Differences in the level of protection of the rights and freedoms of individuals, notably to the right to the protection of personal data, with regard to the processing of personal data afforded in the Member States may prevent the free flow of personal data throughout the Union. These differences may thereconstitute an obstacle to the provision of adequate data protection fore constitute an obstacle to the pursuit of economic activities at the level of the Union, distort competition and impede authorities in the discharge of their responsibilities under Union law. This difference in levels of protection is due to the existence of differences in the implementation and application of Directive 95/46/ECitizens and by extension infringe their rights. A Directive is therefore being proposed to ensure effective compliance with the principle of subsidiarity and contribute to better data protection in Member States where the protection level is higher.
Amendment 92 #
Proposal for a regulation
Recital 8
Recital 8
(8) In order to ensure consistent and high level of protection of individuals and to remove the obstacles to flows of personal data, the level of protection of the rights and freedoms of individuals with regard to the processing of such data should be equivalent in all Member States. Consistent and homogenous application of the rules for the protection of the fundamental rights and freedoms of natural persons with regard to the processing of personal data should be ensured throughout the Union. Harmonisation should allow Member States to adopt in their national law provisions preventing any potential degradation in the level of personal data protection in Member States where the law provides more stringent protection.
Amendment 93 #
Proposal for a regulation
Recital 11
Recital 11
(11) In order to ensure a consistent level ofSince there is a risk that personal data protection fmay be subor dindividuals throughout the Union and to prevent divergenceated to the free movement of data, there is a risk of an imbalance between the objectives of the fundamental right to data protection and the objectives of the single market to the detriment of the former, and on the basis thampert Member States should retaing the free movement of data within the internal market, a Regulationright to impose stricter limits on the protection of personal data than those provided for in the new legislation, and with a view to ensuring an enhanced level of protection for physical persons throughout the Union, a new Directive is necessary to provide legal certainty and transparency for economic operators, including micro, small and medium-sized enterprises, and to provide individuals in all Member States with the same level of legally enforceable rights and obligations and responsibilities for controllers and processors, to ensure consistent monitoring of the processing of personal data, and equivalent sanctions in all Member States as well as effective co-operation by the supervisory authorities of different Member States. To take account of the specific situation of micro, small and medium-sized enterprises, this RegulationDirective includes a number of derogations. In addition, the Union institutions and bodies, Member States and their supervisory authorities are encouraged to take account of the specific needs of micro, small and medium-sized enterprises in the application of this RegulationDirective. The notion of micro, small and medium-sized enterprises should draw upon Commission Recommendation 2003/361/EC of 6 May 2003 concerning the definition of micro, small and medium- sized enterprises.
Amendment 96 #
Proposal for a regulation
Recital 21
Recital 21
Amendment 97 #
Proposal for a regulation
Recital 21 a (new)
Recital 21 a (new)
(21 a) Clear proof that the behaviour of physical persons is being monitored in order to analyse or to predict their personal preferences, behaviour, habits and attitudes is provided by search engines that derive part of their revenue from targeted advertising, exploiting the collection of personal data of their visitors or the analysis of their profile and they should fall clearly within the scope of the Directive. The same should apply to social networks and websites that offer server space and, in some cases, software storage, which also could collect user data for commercial purposes.
Amendment 105 #
Proposal for a regulation
Recital 25
Recital 25
(25) Consent should be given explicitly by any appropriate method enabling a freely given specific and informed indication of the adult data subject's wishes, as specifically described in the New York Convention, either by a statement or by a clear affirmative action by the data subject, ensuring that individuals are aware that they give their consent to the processing of personal data, including by ticking a box when visiting an Internet website or by any other statement or conduct which clearly indicates in this context the data subject's acceptance of the proposed processing of their personal data. Silence or inactivity should therefore not constitute consent. Consent should cover all processing activities carried out for the same purpose or purposes. If the data subject's consent is to be given following an electronic request, the request must be clear, concise and not unnecessarily disruptive to the use of the service for which it is provided.
Amendment 245 #
Proposal for a regulation
Article 13 – paragraph 1
Article 13 – paragraph 1
The controller shall communicate any rectification or erasure carried out in accordance with Articles 16 and 17 to each recipient to whom the data have been disclosed, unless this proves impossible or involves a disproportionate effort.
Amendment 254 #
Proposal for a regulation
Article 14 – paragraph 5 – point b
Article 14 – paragraph 5 – point b
Amendment 285 #
Proposal for a regulation
Article 19 – paragraph 1
Article 19 – paragraph 1
1. The data subject shall have the right to object, on grounds relating to their particular situation, at any time to the processing of personal data which is based on points (d), (e) and (f) of Article 6(1), unless the controller demonstrates compelling legitimate grounds for the processing which override the interests or fundamental rights and freedoms of the data subject.