While the General Data Protection Regulation (GDPR) is applicable to public and private organisations who hold data on EU citizens, there are a small number of exemptions for state institutions, mostly relating to law enforcement, security and taxation.
Article 23 of the regulation lists the restrictions to the GDPR, “when such a restriction respects the essence of the fundamental rights and freedoms and is a necessary and proportionate measure in a democratic society”.
The GDPR may be restricted in order to safeguard the state or it's citizens in the case of:
1. National security, defence & public security
2. In cases where it is necessary for the the prevention, investigation, detection or prosecution of criminal offences
3. In cases where it is necessary in the execution of criminal penalties, including safeguarding against and the prevention of threats to public security
4. Other important objectives of general public interest of the European Union or of a Member State, particularly important economic or financial interests such as monetary, budgetary and taxation matters
5. Issues of public health and social security of the European Union or of a Member State
6. The protection of judicial independence and judicial proceedings
7. The prevention, investigation, detection and prosecution of breaches of ethics for regulated professions
8. A monitoring, inspection or regulatory function connected, even occasionally, to the exercise of official authority related to areas including financial regulation, law enforcement & national security
9. The protection of the data subject or the rights and freedoms of others
10. In the enforcement of civil law claims
The DataSec 2017 conference takes place on 3rd of May in the RDS in Dublin.
The event will provide expert speakers, information and insight to help your business comply with GDPR and get the most out of the new legislation. Click here to book your place now.