Is Personal Data Protection a Challenge or merely an Obstacle for Open Data Rosana Lemut Strle, Msc Institute for Privacy and Access to Public Information, Info House What prevails in a collision? Open data = an idea, a philosophy Personal data protection = fundamental human right Open access to data is a condition sine qua non for open data. How is free access regulated on the EU level? 1. Regulation no 1049/2001 of the European Parliament and of the Council (public access to European Parliament, Council and Commission documents) 2. Directive 2003/98/EC, known as the PSI Directive (focuses on the economic aspects of re-use of information ) 3. Directive 2003/4/EC of the European Parliament and of the Council (public access to environmental information ) What about general regulatory framework on free access? Council of Europe Convention on Access to Official Documents (Convention 205) from 2009 - only 7 ratification* - 10 ratifications needed for entering into force. * EU members that ratified the Convention 205: Norway, Sweden, Lithuania, Hungary and Finland. On the other hand, when speaking of personal data protection… 1. on EU level: - Directive 46/95 of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data within the EU member states. - Regulation 45/2001 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data. 2. Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data from 1981; ratified by 47 countries. So, when colliding… Let‘s look at an interesting case. Atlas of Roma settlements (built upon the analytical data from censuses, educational system, child allowances…). - on the State level… - on the level of an individual Sattelement (settlement of Hudeje has 312 inhabitants)… ? Are we talking about personal data? Should there be a legal ground for processing? Clear personal data protection framework – clear jurisprudence of ECJ The Judgment of the European Court of Justice (Grand Chamber) of 9 November 2010; Volker und Markus Schecke GbR (C-92/09) and Hartmut Eifert (C-93/09) v Land Hessen. „ it must be considered that the right to respect for private life with regard to the processing of personal data, recognised by Articles 7 and 8 of the Charter, concerns any information relating to an identified or identifiable individual.“ „…legal persons can claim the protection of Articles 7 and 8 of the Charter in relation to such identification only in so far as the official title of the legal person identifies one or more natural persons.“ Next steps towards open data ? 1. New, general legislative framework for free access on EU level ? 2. Instead of proving a legal interest to access the data, balancing rights of access and personal data protection should be based upon the public interest test. 3. From philosophy towards legal right? Thank you for attention !