Print

Necessity & Proportionality

Necessity is a fundamental principle when assessing the restriction of fundamental rights, such as the right to the protection of personal data. According to case-law, because of the role the processing of personal data entails for a series of fundamental rights, the limiting of the fundamental right to the protection of personal data must be strictly necessary.

Necessity shall be justified on the basis of objective evidence and is the first step before assessing the proportionality of the limitation.  Necessity is also fundamental when assessing the lawfulness of the processing of personal data. The processing operations, the categories of data processed and the duration the data are kept shall be necessary for the purpose of the processing.

 

Proportionality is a general principle of EU law. It restricts authorities in the exercise of their powers by requiring them to strike a balance between the means used and the intended aim. In the context of fundamental rights, such as the right to the protection of personal data, proportionality is key for any limitation on these rights.

More specifically, proportionality requires that advantages due to limiting the right are not outweighed by the disadvantages to exercise the right.  In other words, the limitation on the right must be justified. Safeguards accompanying a measure can support the justification of a measure.  A pre-condition is that the measure is adequate to achieve the envisaged objective. In addition, when assessing the processing of personal data, proportionality requires that only that personal data which is adequate and relevant for the purposes of the processing is collected and processed.

Filters

25
Feb
2019

EDPS Guidelines on assessing the proportionality of measures that limit the fundamental rights to privacy and to the protection of personal data

As the independent advisor to the EU institutions and bodies under Regulation (EU) 1725/2018 on all matters concerning processing of personal data, the European Data Protection Supervisor (hereinafter, ‘the EDPS’) intends to issue Guidelines for assessing the proportionality of measures that limit the fundamental rights to privacy and to the protection of personal data (hereinafter, ‘the Guidelines’).

The Guidelines complement the EDPS Necessity Toolkit  and specify, having regard to the fundamental right to the protection of personal data enshrined under Article 8 of the Charter, the more wide-ranging guidance by the Commission and the Council to check compatibility of legislative measures with the Charter of Fundamental Rights of the European Union.

Through this exercise, the EDPS aims at assisting EU institutions and bodies in the task of ensuring that any limitation of the fundamental right to the protection of personal data is compliant with the requirements of EU primary law.

Before issuing the Guidelines in their final version, the EDPS is launching a stakeholders’ consultation on the draft version of the Guidelines, which you can find hereunder.

The deadline for receiving your input is 4 April 2019. The replies to the consultation should be sent to the Policy and Consultation Unit of the EDPS: POLICY-CONSULT@edps.europa.eu

Available languages: English
26
Sep
2018

Updated notifications for staff appraisal and reclassification at CdT

Prior-checking Opinion regarding the updated notifications for staff appraisal and reclassification at CdT (EDPS cases 2016-0011 and 2016-0292)

10
Aug
2018

Security of identity cards of Union citizens

EDPS Opinion on the Proposal for a Regulation strengthening the security of identity cards of Union citizens and other documents

Available languages: German, English, French
20
Jun
2017

Newsletter

In the June 2017 edition of the EDPS Newsletter we introduce you to our new-look Newsletter and cover the EDPS Opinion on ePrivacy, our continuing work on data ethics and the launch of our 2016 Annual Report, as well as many other EDPS activities.