Summary
Personal data should only be collected for specified and legitimate purposes.
Obligations
Quotes
- Personal data shall be: (...) (b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’).
- The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe, recommends that member States, in consultation with private sector actors and civil society, develop and promote coherent strategies to protect and promote respect for human rights with regard to social networking services, in line with the Convention for the Protection of Human Rights and Fundamental Freedoms (...), in particular by engaging with social networking providers to carry out the following actions: (...) − enhance transparency about data processing, and refraining from illegitimate processing of personal data.
- The General Assembly (...) 7. Calls upon business enterprises: (...) (c) To implement administrative, technical and physical safeguards to ensure that data are processed lawfully and to ensure that such processing is limited to what is necessary in relation to the purposes of the processing and that the legitimacy of such purposes, as well as the accuracy, integrity and confidentiality of the processing, is ensured.
- States should encourage social media, media, search and recommendation engines and other intermediaries which use algorithms, along with media actors, regulatory authorities, civil society, academia and other relevant stakeholders to engage in open, independent, transparent and participatory initiatives that: (...) – implement the principle of privacy by design in respect of any automated data processing techniques and ensure that such techniques are fully compliant with the relevant privacy and data protection laws and standards.
- Principle of respect for privacy 1. Public authorities shall have respect for privacy, particularly when processing personal data. 2. When public authorities are authorised to process personal data or files, particularly by electronic means, they shall take all necessary measures to guarantee privacy. 3. The rules relating to personal data protection, notably as regards the right to have access to personal data and secure the rectification or removal of any data that is inaccurate or shall not have been recorded, shall apply to personal data processed by public authorities.
- Internet intermediaries should limit the processing of personal user data to what is necessary in the context of a clearly defined purpose, which is explicitly communicated to all users in a proactive manner. The processing, including collection, retention, aggregation, storage, adaptation, alteration, linking or sharing of personal data shall be based on the free, specific, informed and unambiguous consent of the user, with respect to a specific purpose, or on another legitimate basis laid down by law, as prescribed by Convention 108.
- Personal data are processed lawfully (with the unambiguous consent of the data subject or on the basis of law) for legitimate purposes and not in excess of such purposes, accurately and securely. These conditions apply also to profiling (personal data automatic processing techniques that collect and use information about an individual in order to identify, analyse or predict his or her personal preferences, behaviour and attitudes).
- Member States (through the designated authorities) should enforce compliance with the applicable data protection principles, in particular by engaging with search engine providers to carry out the following actions: – ensure that the collection of personal data by search engine providers is minimised. No user’s IP address should be stored when it is not necessary for the pursuit of a legitimate purpose and when the same results can be achieved by sampling or surveying, or by anonymising personal data. Innovative approaches promoting anonymous searches should also be encouraged; – ensure that retention periods are not longer than strictly necessary for the legitimate and specified purposes of the processing. Search engine providers should be in a position to justify with demonstrable reasons the collection and the retention of personal data. Information in this connection should be made publicly available and easily accessible; – ensure that search engine providers apply the most appropriate security measures to protect personal data against unlawful access by third parties and that appropriate data breach notification schemes are in place. Measures should include “end-to-end” encryption of the communication between the user and the search engine provider; – ensure that individuals are informed with regard to the processing of their personal data and the exercise of their rights, in an intelligible form, using clear and plain language, adapted to the data subject. Search engines should clearly inform users up front of all intended uses of their data (emphasising that the initial purpose of such processing is to better respond to their search requests) and respect the user’s right with regar to their personal data. They should inform individuals if their personal data has been compromised.
- Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up to date.
- The data processing in both electoral and political advertising (in particular microtargeting advertising) context shall comply with data protection principles under Article 5 of Convention 108+. These personal data must be processed in compliance with purpose limitation and data minimisation principles. In particular, according to Recommendation CM/Rec(2012)4 of the Committee of Ministers on the protection of human rights with regard to social networking services, social networks should secure the informed consent of their users before their personal data is shared with other categories of people or companies or used in ways other than those necessary for the specified purposes for which they were originally collected.
- Citizens need to be protected in the processing of personal data particularly during the election period when large amounts of personal data are processed, including those available in the electoral registers. As regards the registers data privacy has to be balanced against the transparency required for electoral integrity.
- Intermediaries should ensure data security and privacy, and ensure that the use of data is in compliance with international human rights law and has the fully informed consent of data providers.
- The legal framework should prohibit the collection, use or dissemination of personal data or information in any manner for any purpose other than the exercise of suffrage rights. In particular, care should be given to provisions that relate to fingerprints, photographs and personal identification numbers, as well as to ethnicity or other factors that could lead to discrimination or place the voter at risk of personal harm.
- Personal data that are processed must be adequate, relevant, correct and, if necessary, up to date; all reasonable measures must be taken to complete, correct, block or erase data that are incomplete or incorrect.
- In line with the Convention 108 and according to Recommendation CM/Rec(2012)4 on the protection of human rights with regard to social networking services and Recommendation CM/Rec(2016)5 on Internet freedom, social network services should not process personal data beyond the specified purposes for which they have collected it. Electoral campaigning constitutes in most cases a distinct purpose for which distinct consent is required.