Wednesday, November 28, 2012

When is personal information on the Internet ‘manifestly made public’?

The Directive 95/46/EC in Article 8 regulates conditions related to the processing of special categories of data. In paragraph 1 the Directive says that “Member States shall prohibit the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex life.”[1] In the paragraph 2 the Directive presents exceptions from the rule in paragraph 1, therefore according to the section (a) the paragraph does not apply if “the data subject has given his explicit consent to the processing of those data” and (among others) also according to the section (e) if “the processing relates to data which are manifestly made public by the data subject.”[2] Therefore it could be assumed that all personal information online, which has been ‘manifestly made public’ by individuals themselves could be processed by other individuals or third parties.