BETA

Activities of Philippe JUVIN related to 2012/0011(COD)

Plenary speeches (1)

Protection of individuals with regard to the processing of personal data (A8-0139/2016 - Jan Philipp Albrecht) FR
2016/11/22
Dossiers: 2012/0011(COD)

Amendments (11)

Amendment 135 #
Proposal for a regulation
Recital 67
(67) A personal data breach may, if not addressed in an adequate and timely manner, result in substantial economic loss and social harm, including identity fraud, to the individual concerned. Therefore, as soon as the controller becomes aware that such a breach which may significantly adversely affect the protection of the personal data or the privacy of the data subject concerned has occurred, the controller should notify the breach to the supervisory authority without undue delay and, where feasible, within 24 hours. Where this cannot achieved within 24 hours, an explanation of the reasons for the delay should accompany the notification. The individuals whose personal data could be adversely affected by the breach should be notified without undue delay in order to allow them to take the necessary precautions. A breach should be considered as significantly adversely affecting the personal data or privacy of a data subject where it could result in, for example, identity theft or fraud, physical harm, significant humiliation or damage to reputation. The notification should describe the nature of the personal data breach as well as recommendations as well as recommendations for the individual concerned to mitigate potential adverse effects. Notifications to data subjects should be made as soon as reasonably feasible, and in close cooperation with the supervisory authority and respecting guidance provided by it or other relevant authorities (e.g. law enforcement authorities). For example, the chance for data subjects to mitigate an immediate risk of harm would call for a prompt notification of data subjects whereas the need to implement appropriate measures against continuing or similar data breaches may justify a longer delay.
2012/11/08
Committee: IMCO
Amendment 149 #
Proposal for a regulation
Article 2 – paragraph 2 – point d a (new)
da) which have been rendered anonymous within the meaning of Article 4(2a);
2012/11/08
Committee: IMCO
Amendment 159 #
Proposal for a regulation
Article 4 – paragraph 1 – point 1
(1) 'data subject' means an identified natural person or a natural person who can be identified, directly or indirectly, by means reasonably likely to be used by the controller or by any other natural or legal person, in particular by reference to an identification number, location data, onliner an identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person;
2012/11/08
Committee: IMCO
Amendment 167 #
Proposal for a regulation
Article 4 – paragraph 1 – point 2 a (new)
(2a) ‘data rendered anonymous’ means data relating to an identified natural person or a natural person who can be identified and which have been modified in such a way that this data subject cannot be identified;
2012/11/08
Committee: IMCO
Amendment 359 #
Proposal for a regulation
Article 31 – paragraph 1
1. IWhen the casepersonal data breach is likely to have a serious adverse effect on the protection of athe personal data breachor privacy of the data subject, the controller shall without undue delay and, where feasible, not later than 24 hours after having become aware of it, notify the personal data breach to the supervisory authority. The notification to the supervisory authority shall be accompanied by a reasoned justification in cases where it is not made within 24 hours.
2012/11/08
Committee: IMCO
Amendment 365 #
Proposal for a regulation
Article 32 – paragraph 1
1. When the personal data breach is likely to have a serious adversely a effect on the protection of the personal data or privacy of the data subject, the controller shall, after the notification referred to in Article 31, communicate the personal data breach to the data subject without undue delay.
2012/11/08
Committee: IMCO
Amendment 664 #
Proposal for a regulation
Article 2 – paragraph 2 – point a a (new)
(aa) which were collected prior to the entry into force of this Regulation, as referred to in Article 91;
2013/03/04
Committee: LIBE
Amendment 665 #
Proposal for a regulation
Article 2 – paragraph 2 – point a b (new)
(ab) which began prior to the entry into force of this Regulation, as referred to in Article 91;
2013/03/04
Committee: LIBE
Amendment 2975 #
Proposal for a regulation
Article 81 – paragraph 1 – point b
(b) reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety, inter alia for medicinal products or medical devices, and if the processing is carried out by a person bound by a confidentiality obligation; or
2013/03/08
Committee: LIBE
Amendment 3061 #
Proposal for a regulation
Article 83 – paragraph 1 – point b a (new)
(ba) the information processed cannot be linked to an identified or identifiable person.
2013/03/08
Committee: LIBE
Amendment 3082 #
Proposal for a regulation
Article 83 – paragraph 2 – point a
(a) the data subject has given consent, subject to the conditions laid down in Article 7; or
2013/03/08
Committee: LIBE