Articles

Municipalities are allowed to levy fees at cost when an individual exercises its right of access

Municipalities are allowed to levy fees at cost when an individual exercises its right of access

Municipalities are allowed to levy fees at cost when an individual exercises its right of access

15.07.2014

On 12 December 2013, the European Court of Justice (“ECJ”) delivered an interesting judgment on the amount of charges municipalities are allowed to levy when a data subject exercises its right to access its personal data that are processed in the municipal personal records database. This case concerns a dispute heard by the Court of Appeal of The Hague which submitted preliminary questions to the ECJ.

In 2009, X committed a traffic offence and was fined. She did not pay the fine and had to appear in court. She argued that she had not received any order of the fine or any subsequent demands for payment that had been issued by the public prosecutor. At the time the fine was issued, she moved from one house to another several times, and she assumed that the fine and the subsequent payment demands might have been sent to the wrong address. To prove this, she requested the administrative office of the municipality where she currently lives to indicate specifically which data are held in the municipal personal records database. In accordance with Section 79(3) of the Municipal Database (Personal Records) Act (currently Section 2.55(3) of the Municipal Database (Personal Records) Act), the municipality supplied her with a certified document containing her requested data and charged her EUR 12.80 for it. But X refused to pay this.

Section 79 Municipal Database (Personal Records) Act specifically elaborates on Section 12 EU Directive 95/46/EC (the “Privacy Directive”), which specifies that a data subject should be given access to its personal data “without constraint at reasonable intervals and without excessive delay or expense”. Based on Section 79(2) Municipal Database (Personal Records) Act, allowing a data subject’s inspection of his/her personal data free-of-charge could be achieved by showing him/her the information on the computer screen of the civil servant working at the administrative office. If the data subject wants to obtain a copy thereof, he/she must pay for any administrative charges.

The Court of Appeal of The Hague submitted several preliminary questions to the ECJ. One of them, which is the more interesting one, is summarized as follows: Are municipalities allowed to levy fees for an extract from the municipal personal records database or does the Privacy Directive preclude this? The ECJ answered this question by saying that when a data subject exercises its right of access, levying fees is allowed, as long as they are not excessive. The fees should not have the effect of causing the data subject to waive its right of access. Therefore, the fees should not exceed the cost of data supply. Authorities can also choose to charge less than the actual costs in order to safeguard one’s right of access.

For X, the essential question is whether or not the levied fees exceeded the actual cost of data supply. If the fees did exceed it, then it remains to be seen whether, in this case, charging the data subject for the actual cost that is currently known will not be considered an obstacle for the data subject to inspect the data after all.

The case (C-486/12) can be found on http://www.curia.europa.eu.

 

Click here to see a printable version of this article

All rights reserved. Care has been taken to ensure that the content of this e-bulletin is as accurate as possible. However the accuracy and completeness of the information in this e-bulletin, largely based upon third party sources, cannot be guaranteed. The materials contained in this e-bulletin have been prepared and provided by Stibbe for information purposes only. They do not constitute legal or other professional advice and readers should not act upon the information contained in this e-bulletin without consulting legal counsel. Consultation of this e-bulletin will not create an attorney-client relationship between Stibbe and the reader. The e-bulletin may be used only for personal use and all other uses are prohibited.

Team

Related news

19.08.2019 EU law
Enable “likes” and bear joint-controllership

Articles - The Court of Justice of the European Union recently ruled, in Case C-40/14 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV,  that a website operator that features “Like” social-media plugin from Facebook likely qualifies as joint-controller with Facebook for its website visitors’ personal data collection and transmission to Facebook.

Read more

08.08.2019 BE law
Regulating online platforms: piece of the puzzle

Articles - The new Regulation no. 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services, applicable as of 12 July 2020, is another piece of the puzzle regulating online platforms, this time focussing on the supply side of the platforms.

Read more

23.07.2019 LU law
The Revised CSSF Cloud Circular

Articles - On 27 March 2019, the Luxembourg supervisory authority for the financial sector (the Commission de surveillance du secteur financier or CSSF) published the long-awaited CSSF Circular 19/714 amending the CSSF Circular 17/654 on IT outsourcing relying on a cloud computing infrastructure (the Revised Cloud Circular).

Read more

Our website uses functional cookies for the functioning of the website and analytic cookies that enable us to generate aggregated visitor data. We also use other cookies, such as third party tracking cookies - please indicate whether you agree to the use of these other cookies:

Privacy – en cookieverklaring