Opinion on a notification for prior checking received from the Data Protection Officer of Frontex concerning the Processing of Personal Data for Risk Analysis (PeDRA) (Case 2015-0346)
Necessity & Proportionality
Necessity is a fundamental principle when assessing the restriction of fundamental rights, such as the right to the protection of personal data. According to case-law, because of the role the processing of personal data entails for a series of fundamental rights, the limiting of the fundamental right to the protection of personal data must be strictly necessary.
Necessity shall be justified on the basis of objective evidence and is the first step before assessing the proportionality of the limitation. Necessity is also fundamental when assessing the lawfulness of the processing of personal data. The processing operations, the categories of data processed and the duration the data are kept shall be necessary for the purpose of the processing.
Proportionality is a general principle of EU law. It restricts authorities in the exercise of their powers by requiring them to strike a balance between the means used and the intended aim. In the context of fundamental rights, such as the right to the protection of personal data, proportionality is key for any limitation on these rights.
More specifically, proportionality requires that advantages due to limiting the right are not outweighed by the disadvantages to exercise the right. In other words, the limitation on the right must be justified. Safeguards accompanying a measure can support the justification of a measure. A pre-condition is that the measure is adequate to achieve the envisaged objective. In addition, when assessing the processing of personal data, proportionality requires that only that personal data which is adequate and relevant for the purposes of the processing is collected and processed.
Opinion on the Commission Proposal for a Directive of the European Parliament and of the Council on single-member private limited liability companies
Opinion on a notification for Prior Checking received from the Data Protection Officer of the Research Executive Agency regarding the processing operation on personal data concerning the "Early Warning System (EWS) at the Research Executive Agency" (Case 2012-0981)
EDPS comments on the Communication from the Commission to the European Parliament and the Council on a European Terrorist Finance Tracking System (TFTS) and on the Commission Staff Working Document - Impact Assessment accompanying the Communication from the Commission to the European Parliament and the Council on a European Terrorist Finance Tracking System (TFTS)
Letter concerning the need to submit the EIB Secretary General’s special files for prior checking (Case 2013-0651)