Personal financial data: Regulatory framework of their e

Download Report

Transcript Personal financial data: Regulatory framework of their e

Personal financial data:
Regulatory framework of their e-processing
focusing on the function of interbanking
information systems in Greece and France
Milossi Maria
Attorney -at - Law, DESS,
PhD candidate in Computer Law,
Department of Applied Informatics,
University of Macedonia
&
Dr Alexandropoulou –Egyptiadou Evgenia
Associate Professor in Computer Law,
Department of Applied Informatics, University of Macedonia
Personal financial data
Meaning
Data which refers to the individual’s economic
situation. It concerns his/her property, bank
accounts, financial transactions, etc.
2
Personal financial data
Content







3
electronic money
buy and sell goods and services via internet
participation in auction sites (e-commerce)
use of web banking services (e-banking)
flight reservation (e-transport)
concert ticket reservation (e-entertainment)
digital submitting of tax statement (e-government)
Personal financial data
Privacy and processing of personal financial data




4
Protection as simple and not as ‘’sensitive’’ data (Directive
95/46/EC, art. 8)
Dangers for individual’s privacy (e.g. cookies)
Use of mathematical methods (Credit scoring , Data
Warehouse, Data mining)
Spamming
Personal financial data
Fields of processing of personal financial data


5
E-commerce (web banking, electronic
auctions, distance marketing of financial
services )
E-government (on line submission of tax
declaration, online application for the pension
and insurance matters)
Personal financial data
Regulatory framework of processing in banking sector (Greece & France)



6
Directive 95/46/EC
Greek Law 2472/1997
French Law 2004-801 (amendment of law 78-17)
Personal financial data
Data Protection Authorities
7

Greece:
Data Protection Authority (DPA): www.dpa.gr

France:
National Commission for Informatics and
Liberties (CNIL): www.cnil.fr
Personal financial data
Interbanking information system (Greece)


1.
2.
3.
4.
8
Controller: TIRESIAS (www.tiresias.gr)
Aim:
protection of credit
reduction of credit risk
improvement of financial transactions
benefits for individuals and banking system in general
Personal financial data
Filing Systems
1.
2.
3.
4.
9
Default Financial Obligation System (DFO) & Mortgages and
Prenotations to Mortgages System (MPS)
Credit Consolidation System (CCS)
Lost or stolen Identity Card and Passport System (IPS)
Terminated Merchants System (TMS)
Personal financial data
Interbanking information system (France)

Controller: The Bank of France
(www.banque-france.fr)

Aim:
1.
evaluate the trustworthiness of banks’ clients
provide information on the regularity of cheques and protect
2.
potential victims of bad cheques
3.
10
protect banks’ clients from personal debt problems
Personal financial data
Filing systems
1.Central Cheque Register (FCC)
2.National Register of Irregular Cheques (FNCI)
3.National Database on Household Credit Repayment Incidents
(FICP)
4. National hotline for lost or stolen cheques (CNACPV)
11
Personal financial data
Operational principles (Greece & France)




12
principle of scope
principle of proportionality
principle of accuracy
principle of respect of storage time
Personal financial data
Storage time (Greece)
Mortgages and
Examples: Prenotations to
Mortgages System
(MPS)
Default Financial
Obligation System (DFO)
bounced checks recorded till 2 years
mortgages, prenotations of mortgages,
conversions of prenotations to mortgages,
until they are wiped out
termination of credit card contracts and of
personal/ consumer/ housing loans and
overdrafts recorded till 2 years
13
Personal financial data
Storage time ( France)

Examples:
CREDIT REPAYMENT INCIDENTS
(FICP)
partial cancellation of claims, recorded till 10 years
personal recovery procedure, recorded till 8 years
cases of personal bankruptcy, recorded till 8 years
14
Personal financial data
Recipients (Greece & France)




Banks
Financial institutions
Credit card companies
Public sector entities
In Greek interbanking information system
recipients are also considered to be factoring
and leasing companies (DPA 523/199)
15
Personal financial data
Individual’s rights
1.
2.
3.
16
right of information
right of access
right to object
Personal financial data
Conclusions and final thoughts

1.
2.
3.
17
Need for :
Balance between technology development and
individual’s private life
Enactment of special and detailed guidelines
coming from National Data Protection Authorities
(soft law)
Enactment of a law concerning moral persons,
given that the companies consist the majority of
banks’ customers
Personal financial data
Thank you for your attention!
Milossi Maria
[email protected]
&
Alexandropoulou –Egyptiadou Evgenia
[email protected]
18