Hi Alex,
Good question! It is one for the lawyers as every organization needs to assess the risk and compliance and decide. Language added to the directive later states IOs are subject to GDPR, but of course it is a bit more complicated. The relationship between the IO and EC is also important here. Voila an article that might be useful:
https://iapp.org/news/a/eu-gdpr-applicability-to-international-organizations/
At the Global Fund we’ve implemented GDPR on our website in the stricter sense because I believe it is the right thing to do, and also because it is important to provide the option of not-tracking to visitors. Visitors should own the data and be aware of how it will be used. It is also important not to force them to accept cookies, or make it complicated. Anyone can browse the website without any hindrance if they don’t accept cookies.
GDPR compliance has also been expanded to other platforms and we’ve had numerous deletion requests already. These requests were processed in compliance with GDPR.
My own opinion is that IOs already enjoy a lot of privileges and should be an example of protecting personal data, something many companies abuse.
Merci!
Genc
|
From: geneva-w...@googlegroups.com <geneva-w...@googlegroups.com>
On Behalf Of Alex Faundez
Sent: Wednesday, 3 August 2022 10:33
To: Geneva Web Group <geneva-w...@googlegroups.com>
Subject: {GWG: 3095} UN websites and GDPR
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. |
--
The Geneva Web Group is a Community of Practice for Internet professionals. Informal meetings are held in Geneva, Switzerland 3-4 times per year.
---
You received this message because you are subscribed to the Google Groups "Geneva Web Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
geneva-web-gro...@googlegroups.com.
To view this discussion on the web, visit
https://groups.google.com/d/msgid/geneva-web-group/633b3634-7bae-4c84-9898-52d351b837a0n%40googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/geneva-web-group/PH0PR07MB84783F98DC3732CF13F8F61FE79C9%40PH0PR07MB8478.namprd07.prod.outlook.com.
--
The Geneva Web Group is a Community of Practice for Internet professionals. Informal meetings are held in Geneva, Switzerland 3-4 times per year.
---
You received this message because you are subscribed to the Google Groups "Geneva Web Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to geneva-web-gro...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/geneva-web-group/633b3634-7bae-4c84-9898-52d351b837a0n%40googlegroups.com.
Thank you Andy,
That letter was quite a fun read 😊 I admit it was very difficult to understand it. Regarding the quote you included, I did not see it in the document (failed to find it elsewhere), would you have the source please? Am asking because in the EDPB link it states the following:
“In its guidance1, the European Data Protection Board has also clarified that the application of the GDPR is without prejudice to the provisions of international law, such as the ones governing the privileges and immunities of international organizations. At the same time, this guidance highlights that entities subject to the GDPR that exchange personal data with international organizations have to comply with the GDPR, including its rules on international transfers (Chapter V of the GDPR).”
I believe that the UN system is indeed exempt, also because there are no mechanisms to enforce compliance (EC can’t fine the UN). This might not be the case for all international organizations in Geneva, some of which are Swiss Foundations legally-speaking. In any case, I know this was not the question Alex asked initially, I do believe however that being in clear violation of GDPR and other similar legislation, does carry some reputational risk for orgs/missions/agencies.
Thank you!
Genc
|
|
To view this discussion on the web, visit https://groups.google.com/d/msgid/geneva-web-group/PH0PR07MB8478D73EE97979ED756DFB8FE79F9%40PH0PR07MB8478.namprd07.prod.outlook.com.