Articles

Municipalities are allowed to levy fees at cost when an individual exercises its right of access

Municipalities are allowed to levy fees at cost when an individual exercises its right of access

Municipalities are allowed to levy fees at cost when an individual exercises its right of access

15.07.2014

On 12 December 2013, the European Court of Justice (“ECJ”) delivered an interesting judgment on the amount of charges municipalities are allowed to levy when a data subject exercises its right to access its personal data that are processed in the municipal personal records database. This case concerns a dispute heard by the Court of Appeal of The Hague which submitted preliminary questions to the ECJ.

In 2009, X committed a traffic offence and was fined. She did not pay the fine and had to appear in court. She argued that she had not received any order of the fine or any subsequent demands for payment that had been issued by the public prosecutor. At the time the fine was issued, she moved from one house to another several times, and she assumed that the fine and the subsequent payment demands might have been sent to the wrong address. To prove this, she requested the administrative office of the municipality where she currently lives to indicate specifically which data are held in the municipal personal records database. In accordance with Section 79(3) of the Municipal Database (Personal Records) Act (currently Section 2.55(3) of the Municipal Database (Personal Records) Act), the municipality supplied her with a certified document containing her requested data and charged her EUR 12.80 for it. But X refused to pay this.

Section 79 Municipal Database (Personal Records) Act specifically elaborates on Section 12 EU Directive 95/46/EC (the “Privacy Directive”), which specifies that a data subject should be given access to its personal data “without constraint at reasonable intervals and without excessive delay or expense”. Based on Section 79(2) Municipal Database (Personal Records) Act, allowing a data subject’s inspection of his/her personal data free-of-charge could be achieved by showing him/her the information on the computer screen of the civil servant working at the administrative office. If the data subject wants to obtain a copy thereof, he/she must pay for any administrative charges.

The Court of Appeal of The Hague submitted several preliminary questions to the ECJ. One of them, which is the more interesting one, is summarized as follows: Are municipalities allowed to levy fees for an extract from the municipal personal records database or does the Privacy Directive preclude this? The ECJ answered this question by saying that when a data subject exercises its right of access, levying fees is allowed, as long as they are not excessive. The fees should not have the effect of causing the data subject to waive its right of access. Therefore, the fees should not exceed the cost of data supply. Authorities can also choose to charge less than the actual costs in order to safeguard one’s right of access.

For X, the essential question is whether or not the levied fees exceeded the actual cost of data supply. If the fees did exceed it, then it remains to be seen whether, in this case, charging the data subject for the actual cost that is currently known will not be considered an obstacle for the data subject to inspect the data after all.

The case (C-486/12) can be found on http://www.curia.europa.eu.

 

Click here to see a printable version of this article

All rights reserved. Care has been taken to ensure that the content of this e-bulletin is as accurate as possible. However the accuracy and completeness of the information in this e-bulletin, largely based upon third party sources, cannot be guaranteed. The materials contained in this e-bulletin have been prepared and provided by Stibbe for information purposes only. They do not constitute legal or other professional advice and readers should not act upon the information contained in this e-bulletin without consulting legal counsel. Consultation of this e-bulletin will not create an attorney-client relationship between Stibbe and the reader. The e-bulletin may be used only for personal use and all other uses are prohibited.

Team

Related news

14.10.2019 NL law
Kamerdebat over digitalisering van de overheid: aandacht voor bescherming burger vereist

Short Reads - Op 24 september 2019 zijn er vier moties in stemming gebracht én aangenomen door de Tweede Kamer. De moties hebben als gemeenschappelijke deler dat ze in het teken staan van de steeds groter wordende digitalisering bij de overheid. Het achterliggende doel van de moties is dat de burger voldoende beschermd moet worden tegen deze digitalisering.

Read more

27.09.2019 NL law
Stibbe is attending the IBA's annual conference in Seoul

Conference - The annual conference of the International Bar Association (IBA) is currently taking place in Seoul. There are fourteen partners from Stibbe attending the event. Several of them have speaking slots on a wide range of legal topics and will take part in various panel discussions.

Read more

28.08.2019 NL law
Masterclass: e-signature and electronic identifiers

Masterclass - Stibbe is organising a Masterclass on 26 September 2019 in Amsterdam on the subject of e-signature and electronic identifiers. This Masterclass will cover the legal framework and focus especially on the numerous possibilities for applying the various electronic signatures in different situations. In addition, we explain the regulations governing electronic identifiers, and the mandatory European recognition they receive.

Read more

02.10.2019 EU law
Seminar: Data protection implications of (a no-deal) Brexit

Seminar - On October 25th at 9.30 am, we organize a seminar where we will discus the implications of a (no-deal) Brexit on data protection.  These issues affect all businesses interacting between UK and EEA (including EU) and which send or receive data to and from UK. We will highlight the main challenges both in the case of a hard Brexit on 31 October 2019 and in other scenarios. We will also offer guidelines to help your organisation mitigate the respective risks.

Read more

Our website uses functional cookies for the functioning of the website and analytic cookies that enable us to generate aggregated visitor data. We also use other cookies, such as third party tracking cookies - please indicate whether you agree to the use of these other cookies:

Privacy – en cookieverklaring