The right to oblivion does not apply to data in business registers: decision of the Court of Justice of the European Union of March 9, 2017
The court of the European Union (EU) has considered the issue of the application of the right to oblivion with respect to data in company registries. The Luxembourg court concluded that the right to oblivion does not apply to data entered in public registers of companies.
The case was initiated on the complaint of an Italian businessman against the Chamber of Commerce of one of the Italian cities, which keeps a register of companies registered in this city. The businessman complained that due to the fact that the registry remained data about him as the director of a company that went bankrupt in 1992, the real estate of the new company in which he is a director is not for sale, including because of his participation in bankruptcy companies were going to a rating company and influenced the rating of new properties. In the national court, he won the suit and received compensation of 2000 euros.
An Italian court of appeal, in which the Chamber of Commerce asked to reconsider the case, appealed to the EU Court to clarify the following questions: registries, and the provisions of directive 95/46, prescribing the storage of personal data only as long as they are necessary to achieve the goals for which they were collected; (2) whether there should be an exception to the rule of full openness of registries and the indefinite storage of data in them in light of the requirements for the protection of personal data.
In its decision, the EU Court indicated that the data in the commercial registers are personal data. He further noted that the inclusion of data in the registers is the processing of personal data, which is subject to such requirements as the consent of the person to the processing of his personal data and the right of the person to demand correction of his personal data at any time and to stop processing it. Accordingly, the requirement to destroy or anonymize personal data in registries after achieving the goals for which they were collected should be extended to data in business registers.
')
On the other side of the balance was the need to protect the rights of merchants who need to know with whom they enter into commercial contracts and what are the powers of representatives of their counterparties (they receive this information from the registers). Moreover, the protection of the rights of merchants is required not only during the existence of their counterparties, but also after their liquidation, since they must be able to make demands on the management or shareholders of the company and after its liquidation. Since the timing of claims in different countries is very different, it is impossible to establish any period after which claims can no longer be made, and accordingly the data in the registry for the liquidated company, its managers and shareholders can be destroyed as unnecessary.
On the whole, the Court’s decision seems logical, but the argument can be criticized: couldn’t it be possible to check the period of claims in all EU countries, find the largest and limit the period of data storage in commercial registries by this period?
The second argument of the Court was that if individuals decide to engage in commercial activities and are aware of the requirement to disclose their data, they should not demand their concealment. In addition, data in registries is limited to information about the names of managers and shareholders and their positions.
In conclusion, the EU Court indicated that it is possible that, in special cases, some individuals, if there are sufficient justifications, may receive permission to restrict third party access to their personal data after a sufficiently long period of time after the liquidation of companies, which will be established independently by countries EU members.
The case was initiated on the complaint of an Italian businessman against the Chamber of Commerce of one of the Italian cities, which keeps a register of companies registered in this city. The businessman complained that due to the fact that the registry remained data about him as the director of a company that went bankrupt in 1992, the real estate of the new company in which he is a director is not for sale, including because of his participation in bankruptcy companies were going to a rating company and influenced the rating of new properties. In the national court, he won the suit and received compensation of 2000 euros.
An Italian court of appeal, in which the Chamber of Commerce asked to reconsider the case, appealed to the EU Court to clarify the following questions: registries, and the provisions of directive 95/46, prescribing the storage of personal data only as long as they are necessary to achieve the goals for which they were collected; (2) whether there should be an exception to the rule of full openness of registries and the indefinite storage of data in them in light of the requirements for the protection of personal data.
In its decision, the EU Court indicated that the data in the commercial registers are personal data. He further noted that the inclusion of data in the registers is the processing of personal data, which is subject to such requirements as the consent of the person to the processing of his personal data and the right of the person to demand correction of his personal data at any time and to stop processing it. Accordingly, the requirement to destroy or anonymize personal data in registries after achieving the goals for which they were collected should be extended to data in business registers.
')
On the other side of the balance was the need to protect the rights of merchants who need to know with whom they enter into commercial contracts and what are the powers of representatives of their counterparties (they receive this information from the registers). Moreover, the protection of the rights of merchants is required not only during the existence of their counterparties, but also after their liquidation, since they must be able to make demands on the management or shareholders of the company and after its liquidation. Since the timing of claims in different countries is very different, it is impossible to establish any period after which claims can no longer be made, and accordingly the data in the registry for the liquidated company, its managers and shareholders can be destroyed as unnecessary.
On the whole, the Court’s decision seems logical, but the argument can be criticized: couldn’t it be possible to check the period of claims in all EU countries, find the largest and limit the period of data storage in commercial registries by this period?
The second argument of the Court was that if individuals decide to engage in commercial activities and are aware of the requirement to disclose their data, they should not demand their concealment. In addition, data in registries is limited to information about the names of managers and shareholders and their positions.
In conclusion, the EU Court indicated that it is possible that, in special cases, some individuals, if there are sufficient justifications, may receive permission to restrict third party access to their personal data after a sufficiently long period of time after the liquidation of companies, which will be established independently by countries EU members.
Source: https://habr.com/ru/post/325312/
All Articles