-
Recent Posts
- Why data protection law is uniquely equipped to let us fight a pandemic with personal data
- A US Bill from 1974 shares so much DNA with the GDPR, it could be its ancestor
- Planet49 CJEU Judgment brings some ‘Cookie Consent’ Certainty to Planet Online Tracking
- The CJEU decides lack of access to personal data does not unmake a joint controller: A look at Wirtschaftsakademie
- Brief case-law companion for the GDPR professional
- Exam scripts are partly personal data and other practical findings of the CJEU in Nowak
- A Conversation with Giovanni Buttarelli about The Future of Data Protection: setting the stage for an EU Digital Regulator
- Why did Facebook just receive (one of) the biggest data protection fine(s) on record
- Exam scripts and examiner’s corrections are personal data of the exam candidate (AG Kokott Opinion in Nowak)
- Highlights of the draft LIBE report on the ePrivacy Reg
Archives
Tags roulette
AG Mengozzi Article 8 Charter article 29 working party big data CJEU cloud computing CNIL data portability data protection Data Protection Directive data protection laws data protection officer data protection reform data protection regulation directive 95/46 directive 95/46/EC EDPS European Commission European Data Protection Supervisor European Parliament Facebook Gabriela Zanfir GDPR Google personal data PNR privacy right to be forgotten Surveillance technology Viviane RedingCategories
RSS
Meta
All about personal data protection and privacy
EPIC.ORG news- An error has occurred; the feed is probably down. Try again later.
- EDRi
- European Data Protection Supervisor
- An error has occurred; the feed is probably down. Try again later.
- CNIL
- Agir pour un futur numérique responsable : la CNIL organise un colloque pour ses 45 ans
- La CNIL publie son premier dossier thématique dédié à l’identité numérique
- Designs trompeurs, certification et transferts : les trois lignes directrices adoptées par le CEPD en février
- « Les Gardiens du numérique » : l’escape game sur la vie privée à la Cité des sciences et de l’industrie à Paris
- Thématiques prioritaires de contrôle 2023 : caméras « augmentées », applications mobiles, fichiers bancaires et dossiers patients
- ICO
- ICO takes action against Lewisham Council for failing to respond to hundreds of Freedom of Information requests
- ICO issues reprimand to the Metropolitan Police Service for inadequate handling of files related to organised crime groups
- ICO reaches agreement with Easylife Ltd
- ICO statement on Government response to Sir Patrick Vallance’s Pro-Innovation Regulation of Technologies Review
- ICO shares resources to help designers embed data protection by default
- Privacy Commissioner Canada
- Announcement: Commissioner welcomes conclusion of the U.S. Federal Trade Commission’s investigation into Ashley Madison breach
- Announcement: OPC blog post: learn how identifiers on your phone can be used to track you
- Don’t repeat past mistakes, Privacy Commissioner warns as government reviews national security framework - December 6, 2016
- Media Advisory: Privacy guardians to unveil recommendations on modernizing Canada’s national security framework - December 5, 2016
- Announcement: Contributions Program launches call for innovative research and knowledge translation proposals - November 30, 2016
pdpEcho 
What Do Individuals Complain About in Relation to PDP Law Breaches?
I should mention beforehand that my PhD thesis will look exactly into data protection law as contributing to the enhancement of civil law and civil liabilities (somehow trying to define a new kind of tort). I will therefore look into distancing myself from an administrative point of view upon data protection law. Nevertheless, the administrative complaints filed to EDPS can be a very fruitful lead towards the framework of newfound civil liabilities regarding data protection, as they give me an idea of what can possibly people complain about regarding the protection of their personal data.
I will reveal in this post some interesting information from the EDPS 2010 report. And in my next post I will detail some of the complaints for a further understanding of this issue.
How many complaints?
According to the abovementioned report, the number of complaints received in 2010 decreased, while the complexity of the complaints increased: “In 2010, EDPS received 94 complaints (a decrease of 15 percent compared to 2009). Of these 69 complaints were inadmissible, the majority relating to processing at national level as opposed to processing by an EU institution or body. The remaining 25 complaints required more in-depth inquiries (a decrease of 41 percent compared to 2009). In addition, 18 admissible complaints, submitted in previous years (16 in 2009 and two in 2008), were still in the inquiry or review phase during 2010”.
Nature of complaints
Of the 94 complaints received, 17 complaints (18%) were submitted by members of staff of EU institutions or bodies, including former staff members and candidates for employment. For the remaining 77 complaints, the complainant did not appear to have an employment relationship with the EU administration.
Types of violation alleged
The violations of data protection rules alleged by the complainants in 2010 mainly relate to:
A breach of data subjects’ rights, such as access to and rectification of data (36%) or objection and deletion (12%);
Unlawful use (16%), excessive collection of personal data (12%), violation of confidentiality (8%).
Other violations less frequently alleged relate to data security (4%), ID thefts (4%), leaks (4%), data quality and information to data subjects (4%).
Institutions concerned by complaints
Of the admissible complaints submitted in 2010, the majority (80%) were directed against the European Commission, including OLAF and EPSO. This is to be expected since the Commission conducts more processing of personal data than other EU institutions and bodies. The relatively high number of complaints related to OLAF and EPSO may be explained by the nature of the activities undertaken by those bodies.
Tomorrow, in my next post, I will detail some of the complaints, as they are quite interesting.
Share this:
Like this:
1 Comment
Posted in Comments
Tagged data protection, data protection complaints, data protection violations, EDPS, EDPS report 2010