Abstract [eng] |
This article considers issues related to the potential conflict between the right to personal data protection and the right to freedom of information. The right to the protection of personal data is relatively new and can be described as one of the features of modern law, as the new secondary legislation intended to regulate this field in detail was adopted by the EU in 2016 only. It is an axiom that every person deserves to have access to appropriate remedies that uphold their right to personal data protection, as provided by Article 8 of the Charter. According to the Charter, this right is fundamental and necessary in order to preclude the illegal or disproportionate use of personal and private information. There is no equivalent of Article 8 in the European Convention on Human Rights (ECHR). The right to privacy and personal data protection share common ground, such that the Court of Justice of the European Union (CJEU) considers both the right to privacy and personal data protection concurrently. Nevertheless, judgments such as Digital Rights Ireland, Seitlinger and others, or Tele2 Sverige would suggest otherwise; the CJEU clearly regards both of these rights as being separate. Access to information is therefore closely related to the freedom to hold opinions and to receive and impart information and ideas, as guaranteed by Article 10 of the ECHR. In the context of European Union law, access to information is held to be a common constitutional tradition. Moreover, Article 11 of the Charter sets out the right of freedom of expression and information, including the freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers. Yet, given that the right to privacy and the freedom of information are both essential rights in this Digital Age, being able to access public documents cannot be an absolute right. Where application is made to access personal information held by government bodies, there is a potential conflict between these rights. It is here than national courts have a special role to play, i.e. ensuring the right to personal data protection and freedom of information, and in dealing with certain cases there may be a need to assess that the fundamental rights have not been breached. How, then, do international and national courts balance the right to personal data protection and the freedom of information? Both are internationally recognized human rights with a long history and which serve important purposes. Human rights law does not subordinate one right over another, but rather, considers personal rights on a case-by-case basis, with particular emphasis on the relative importance of the interests of the various parties. Thus, international and national courts that directly apply ECHR and EU law should fill the gap by judging individual complaints or by applying and interpreting the EU law balancing these two rights. In seeking to balance the right to respect a person’s private life with freedom of expression, the European Court of Human Rights (ECtHR), first assesses whether or not a national court has sought to strike a balance between these competing interests. If a national court did not seek for such balance, there is reason to find that this court did not provide effective and sufficient protection of privacy. Note that both the ECtHR and the national courts use the same criteria to justify the need for restrictions of a right or liberty when determining the balance between those competing interests. In interpreting the relationship between the right to protection of personal data and the freedom of expression in CJEU case-law, the content of the right to protection of personal data is often assessed in the context of the protection of privacy, which means adhering to the standards set by the ECHR in this area. In terms of the jurisprudence of the CJEU on what is a conflict between the right to protection of personal data and freedom of information, the Court is reluctant to give priority to the freedom of information. In fact, it carefully assesses the restriction of the right to the protection of personal data and the fulfillment of the procedural requirements which guarantees this right. In many cases the Supreme Administrative Court of Lithuania (SACL) has given priority to freedom of information by expanding the interpretation of information processing for business purposes. However, it also focuses on the fact that personal data may be processed for a legitimate purpose only, and in that case it is not sufficient to merely identify a certain legitimate purpose from the data controller‘s point of view. It is usually the case that the SACL conducts the proportionality test provided for in the jurisprudence of the ECtHR and the CJEU. |