Feeds

ECJ sorts FOI v data protection brewery beef

Have a beer and forget we ever asked you

The Essential Guide to IT Transformation

The European Commission was right to blank out the names of five people who attended a vital brewing industry meeting on data protection grounds because a beer maker had not justified its request for the names, an EU court has ruled.

The European Court of Justice (ECJ), the European Union's highest court, has overturned a lower court's ruling and has said that a data protection law allowed the European Commission to refuse to name people who attended a meeting that settled a beer industry competition law dispute.

Beer company Bavaria had claimed that it had the right to see who had attended the meetings under the EU's Access To Documents provisions of EU founding document the EC Treaty.

The EU's Court of First Instance (CFI) said that the attendees could be named because to do so would not breach their right to privacy, as guaranteed by the Data Protection Regulation.

The ECJ has over-ruled that decision, saying that the Commission was entitled to keep the names secret under that Regulation.

The Data Protection Regulation is similar in its wording to the Data Protection Directive. The Regulation governs the processing of personal data by the Community institutions and bodies only, while the Directive addresses its processing by all other organisations.

Bavaria bottled beer that it wanted to sell in UK pubs. It found, though, that most pubs were tied to particular beer companies and an exception to allow 'guest beers' was restricted to cask-conditioned beer, which excluded most European lager.

Bavaria complained to the European Commission, which began action against the UK, saying that allowing pubs to exclude most other beer sellers did not comply with EU competition rules.

During that legal process representatives of the UK and the Commission met in 1996 and it was decided that the rules would be relaxed to allow any beer to be a 'guest beer' under the rules. The Commission then dropped its case against the UK.

Bavaria sought copies of the documents surrounding the case. The documents related to that meeting were provided but the names of five people who were there were blanked out, two because they objected to the publication of their name and three because they could not be contacted.

The Commission said that the names were personal data and could not be handed over without the people's permission.

Bavaria took legal action, asking the CFI to annul the Commission's decision not to provide the names. The CFI said that the publishing of the mere fact that named people attended a meeting in their professional capacity would not harm the privacy rights of those people.

The ECJ said, though, that data protection laws stipulated that a reason needed to be given for the release of personal data.

"Where a request based on [the Access to Documents Regulation] seeks to obtain access to documents including personal data, the provisions of [the Data Protection Regulation] become applicable in their entirety, including Articles 8 [the provision requiring the recipient of personal data to establish the need for their disclosure] and 18 [the provision which confers on the data subject the right to object at any time, on compelling legitimate grounds relating to his or her particular situation] thereof," said the ruling.

"As Bavarian Lager has not provided any express and legitimate justification or any convincing argument in order to demonstrate the necessity for those personal data to be transferred, the Commission has not been able to weigh up the various interests of the parties concerned," concluded the ECJ. "Nor was it able to verify whether there was any reason to assume that the data subjects’ legitimate interests might be prejudiced, as required by [the Data Protection Regulation]."

"It follows from the above that the Commission was right to reject the application for access to the full minutes of the meeting of 11 October 1996," it said.

See: The ruling

Copyright © 2010, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Build a business case: developing custom apps

More from The Register

next story
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.