Skip to main content Accessibility help
×
Hostname: page-component-cd9895bd7-hc48f Total loading time: 0 Render date: 2024-12-22T20:57:35.424Z Has data issue: false hasContentIssue false

Chapter 6 - Specific Issues

from PART II - STATE OF THE ART

Published online by Cambridge University Press:  26 June 2019

Get access

Summary

217. PROBLEM STATEMENT – Article 4(7) GDPR defines a controller as being a “natural person, legal person, public authority, agency or other body”. The definition thus refers to a broad range of subjects, ranging from natural to legal persons and including any “other body”. In practice, the question may arise whether an individual within an organisation should be considered as the “controller”, or whether instead this role should be attributed to the organisation of which he or she is a part. According to the Article 29 Working Party,

“preference should be given to consider as controller the company or body as such rather than a specific person within the company or the body. It is the company or the body which shall be considered ultimately responsible for data processing and the obligations stemming from data protection legislation, unless there are clear elements indicating that a natural person shall be responsible. In general, it should be assumed that a company or public body is responsible as such for the processing activities taking place within its realm of activities and risks.”

218. RELATIONSHIP WITH OTHER AREAS OF LAW – In Opinion 1/2010, the Working Party emphasizes that it is important to stick as closely as possible to the rules established by other areas of law, such as civil, administrative and criminal law. These rules indicate to what extent individuals, organisations or other bodies may be held responsible and will in principle help to determine which actor should be labelled as the “controller”. The following paragraphs will briefly look at the civil and criminal liability of organisations – and the individuals working on their behalf – from the perspective of Belgian law.

219. LIABILITY FOR AUXILIARIES AND AGENTS – Article 1384, subsection 3 of the Belgian Civil Code (C.C.) provides that masters and principals are liable for damage caused by their servants and appointees (“auxiliaries”). For Article 1384, subs. 3 to apply, the following three conditions must be met:

  • a) there must be a relationship of subordination between the principal and the auxiliary;

  • b) the auxiliary must have committed a fault (i.e. negligence or unlawful act); and

  • c) the fault must have been committed in the course of the service for which the auxiliary has been enlisted.

  • Article 1384, subs. 3 C.C. is generally applied to hold employers (and legal persons more generally) vicariously liable for actions of their employees and other subordinates.

    Type
    Chapter

    Access options

    Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

    Save book to Kindle

    To save this book to your Kindle, first ensure [email protected] is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

    Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

    Find out more about the Kindle Personal Document Service.

    • Specific Issues
    • Brendan Van Alsenoy
    • Book: Data Protection Law in the EU: Roles, Responsibilities and Liability
    • Online publication: 26 June 2019
    • Chapter DOI: https://doi.org/10.1017/9781780688459.012
    Available formats
    ×

    Save book to Dropbox

    To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

    • Specific Issues
    • Brendan Van Alsenoy
    • Book: Data Protection Law in the EU: Roles, Responsibilities and Liability
    • Online publication: 26 June 2019
    • Chapter DOI: https://doi.org/10.1017/9781780688459.012
    Available formats
    ×

    Save book to Google Drive

    To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

    • Specific Issues
    • Brendan Van Alsenoy
    • Book: Data Protection Law in the EU: Roles, Responsibilities and Liability
    • Online publication: 26 June 2019
    • Chapter DOI: https://doi.org/10.1017/9781780688459.012
    Available formats
    ×