The right to protection of personal data is not an absolute right

Date :

The Social Chamber of the Court of Cassation issued a judgment on March 8, 2023 (Social Chamber No. 21-12.492) recalling, in reference to point (4) of the introduction to the GDPR, that " the right to the protection of personal data is not an absolute right and must be considered in relation to its function in society and balanced against other fundamental rights, in accordance with the principle of proportionality ."

In this case, the production of other employees' pay slips was essential for an employee to justify her claims. According to the High Court: " the right to proof may justify the production of evidence that infringes on personal life provided that such production is essential to the exercise of this right and that the infringement is proportionate to the aim pursued . "

This reminder seems very timely to us, because some specialists on the subject seem to forget the proportionality criterion included in the GDPR and make this text an absolute and intangible compliance tool, in defiance of simple common sense and by applying the provisions of the text (widely developed by the supervisory authorities) to the point of absurdity in their relations with their partners.

But it is true that common sense and conformity do not always go well together...

Also read

Date :
Under French law, the definition of an electronic signature (Art. 1367 Al.2 Civil Code) implies a "link" between the act and the signature identifying its author. This notion of link is also found in the definition of the advanced signature in the European eIDAS Regulation (Art. 26) which states that the advanced signature must be "unequivocally linked to the signatory". But the meaning of this link is not obvious. We believe that it can be understood according to three approaches: a conceptual approach that projects onto the electronic signature a characteristic of the handwritten signature; a technical approach defining it via the electronic signature technology; and finally an opportunistic approach linked to the development of the on-the-fly certificate and the notion of evidence file, widely adopted by French judges.
Read more
Date :
Most contracts concluded by banking institutions are now signed electronically. And this has many advantages: speed of execution, optimized process and document management, close customer experience... But identity fraud is on the rise in the field of consumer credit, and in four recent cases, the courts of appeal have pointed out some weaknesses in the current procedures.
Read more
Date :
The NIS2 directive soon to be transposed in France, the CRA regulation on cybersecurity, and the DORA regulation on the cyber resilience of the financial sector are either already in force or in the process of being in force. They organize a cybersecurity ecosystem that almost all SaaS publishers must comply with, at the cost of a fairly considerable compliance effort: complex texts to decode, notification obligations in all directions, documentation, operational implementation, etc. To begin with, we give you what you need to know about their applicability to your service
Read more