Fwd: Re: Purpose Frameworks
Hi Susan and Lisa, If it is still open, I volunteer to summarize the Article 29 Data Protection Working Group's "Opinion 03/2013 on Purpose Limitation" adopted by April 2, 2013. In many ways, this is just the piece we have been looking for to understand what "purpose" means in the EU, and what the "purpose limitation" requires under the EU Data Protection Directive. It answers many questions we have been raising about the law and framework of "purpose," including: + /if under the EU Data Protection Directive, personal data must be "collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes," //then what is "a specified purpose," "how does a purpose become explicit," and what purposes are "legitimate?" /All discussed in detail! / /Further, it has sections addressing the natural follow-up question: what is "compatible use?" This decision discusses at length the legal limitation for "further processing" of personal data -- which must be not incompatible with the original purpose for which the data was collected in the first place. If someone has already summarized this opinion, how might I find that summary? Also, can we post the article by Hunton & Williams (global law firm) in its Privacy & Information Security Law Blog titled: "/Article 29 Working Party Clarifies Purpose Limitation Principles; Opines on Big and Open Data." /The writers provide a concise overview of the Article 29 Working Party's 70-page decision above is in clear language (hooray!). It provides a readable overview of this decision that "goes to the heart of data protection law and is relevant to virtually all data controllers processing personal data in the EU." I think it would help the full WG to provide access to it -- link: https://www.huntonprivacyblog.com/2013/04/09/article-29-working-party-clarif... I'm happy to summarize it. Best and tx, Kathy
Sure! Tx Lisa for all you are doing to help us keep on this material. Kathy On 4/7/2016 4:41 PM, Lisa Phifer wrote:
Hi Kathy, Stephanie has already volunteered to summarize Article 29 WP 203 Opinion 3/2013 <http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion...>
I will add the blog you identified below and indicate that you're assigned to summarize it for the purpose team.
Would you be able to summarize the following with respect to its relevance to RDS purpose: European Commission Website: Obligations of Data Controllers <http://ec.europa.eu/justice/data-protection/data-collection/obligations/inde...>
Thanks Lisa
At 02:29 PM 4/7/2016, Kathy Kleiman via gnso-rds-pdp-purpose wrote:
Hi Susan and Lisa, If it is still open, I volunteer to summarize the Article 29 Data Protection Working Group's "Opinion 03/2013 on Purpose Limitation" adopted by April 2, 2013.
In many ways, this is just the piece we have been looking for to understand what "purpose" means in the EU, and what the "purpose limitation" requires under the EU Data Protection Directive. It answers many questions we have been raising about the law and framework of "purpose," including: + /if under the EU Data Protection Directive, personal data must be "collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes," then what is "a specified purpose," "how does a purpose become explicit," and what purposes are "legitimate?"Â Â /All discussed in detail! / /Further, it has sections addressing the natural follow-up question: what is "compatible use?"Â This decision discusses at length the legal limitation for "further processing" of personal data -- which must be not incompatible with the original purpose for which the data was collected in the first place.
If someone has already summarized this opinion, how might I find that summary?
Also, can we post the article by Hunton & Williams (global law firm) in its Privacy & Information Security Law Blog titled: "/Article 29 Working Party Clarifies Purpose Limitation Principles; Opines on Big and Open Data."Â /The writers provide a concise overview of the Article 29 Working Party's 70-page decision above is in clear language (hooray!). It provides a readable overview of this decision that "goes to the heart of data protection law and is relevant to virtually all data controllers processing personal data in the EU."
I think it would help the full WG to provide access to it -- link: https://www.huntonprivacyblog.com/2013/04/09/article-29-working-party-clarif... Â
I'm happy to summarize it. Best and tx, Kathy
_______________________________________________ gnso-rds-pdp-purpose mailing list gnso-rds-pdp-purpose@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose>
participants (2)
-
Kathy Kleiman -
Lisa Phifer