umraniye escort pendik escort
maderba.com
implant
olabahis
canli poker siteleri meritslot oleybet giris adresi betgaranti
escort antalya
istanbul escort
sirinevler escort
antalya eskort bayan
brazzers
sikis
bodrum escort
Short Reads

Walking the tightrope between data protection and EU investigations

Walking the tightrope between data protection and EU investigations

Walking the tightrope between data protection and EU investigations

04.01.2019 NL law

Two recent publications confirm that it is possible for companies to cooperate with a European Commission investigation and still comply with the data protection rules. It is also possible for the Commission to deviate from certain data protection obligations in the interest of a competition law investigation. The tightrope between data protection and Commission investigations may not be as rigid as initially feared.

However, companies should still remain vigilant when dealing with information requests during investigations.

Several EU institutions, including the European Commission's Directorate-General for Competition, voiced concerns to the European Data Protection Supervisor (EDPS) about companies claiming the General Data Protection Regulation (GDPR) prevents them from cooperating with EU investigations. In response to these concerns, the EDPS clarified that the GDPR does not prevent companies from submitting information containing personal data to EU institutions, either voluntarily or in response to a legal obligation, as long as the EU institutions act within their powers. In addition, the EDPS stated that companies do not have a legal obligation to inform people about the disclosure of their personal data to EU institutions if this data is submitted with a view to carrying out a particular inquiry within the powers of the EU institutions. In the context of EU antitrust investigations, companies can therefore still be GDPR compliant while submitting information - either voluntarily or under a legal obligation - to the European Commission that may include personal data, as long as they double-check whether:

  • the request for information falls with the scope of the Commission's investigative powers;
  • the disclosure of the information is necessary to comply with the legal obligation;
  • the requested information is provided within the framework of a particular inquiry, or
  • the information is provided in order for the Commission to carry out a particular inquiry.

Similar to the GDPR not preventing companies from cooperating with EU investigations, Regulation 2018/1725 - the EU institutions' version of the GDPR – does not prevent EU institutions from conducting investigations under certain specified conditions. In regard of antitrust investigations, this is further explained in a recent Decision which states that the Commission may restrict certain rights of data subjects if the full application of these rights would jeopardise the purpose of its investigation. For the same reason, the Commission may also restrict data subjects' rights in relation to personal data obtained from other EU institutions, Member State authorities, third countries or international organisations. When doing so, the Commission will have to record and register its reasons for restricting the data subjects' rights. The Commission will also need to assess whether these restrictions are indeed proportionate and necessary for the purpose of the Commission's investigation. The Data Protection Officer will have to be informed whenever data subjects' rights are restricted and can carry out an independent review of the application of the restrictions to check whether they are in line with the Decision.

Team

Related news

01.04.2021 NL law
Slovak Telekom: ECJ on essentials of the ‘essential facilities’ doctrine

Short Reads - Only dominant companies with a “genuinely tight grip” on the market can be forced to grant rivals access to their infrastructure. According to the ECJ’s rulings in Slovak Telekom and Deutsche Telekom, it is only in this scenario that the question of indispensability of the access for rivals comes into play. In the assessment of practices other than access refusal, indispensability may be indicative of a potential abuse of a dominant position, but is not a required condition.

Read more

01.04.2021 NL law
Collective action stopped due to lack of benefit for class members

Short Reads - On 9 December 2020, the Amsterdam District Court (the “Court”) declared a foundation inadmissible in a collective action regarding alleged manipulation of LIBOR, EURIBOR and other interest rate benchmarks. The foundation sought declaratory judgments that Rabobank, UBS, Lloyds Bank and ICAP (the “defendants”) had engaged in wrongful conduct and unjust enrichment vis-à-vis the class members.

Read more

01.04.2021 NL law
Pay-for-delay saga ends with nothing new; but pharma quest continues

Short Reads - On 25 March 2021, the ECJ ended the Lundbeck pay-for-delay saga by dismissing the appeals from Lundbeck and five generic manufacturers against a European Commission ‘pay-for-delay’ decision. Following its recent Paroxetine judgment, the ECJ found that Lundbeck’s process patents did not preclude generic companies being viewed as potential competitors, particularly since the patents did not represent an insurmountable barrier to entry. In addition, the patent settlement agreements constituted infringements "by object".

Read more

01.04.2021 NL law
ECJ in Pometon: beware of too much info in staggered hybrid proceedings

Short Reads - In hybrid cartel proceedings (in which one party opts out of settlement), settlement decisions should not pre-judge the outcome of the Commission's investigation into non-settling parties. When the Commission publishes the settlement decision before the decision imposing a fine on the non-settling party, it must be careful in its drafting, the European Court of Justice confirmed. Furthermore, differences in the fining methodology applied to (similarly placed) settling and non-settling parties will have to be objectively justified and sufficiently reasoned.

Read more