IOI Europe | Successfully closed IOI Europe Workshop on General Data Protection Regulation

From 16 to 17 October 2019 an IOI Europe workshop was held in Riga (Latvia). The workshop was hosted by the Office of the Ombudsman of Latvia and took place in the Wellton Riverside Hotel in Riga.

The workshop focused on the EU General Data Protection Regulation and the different aspects to be considered by human rights institutions in their work. The workshop consisted of three sessions: GDPR and supervision, GDPR at national level and GDPR and individual.

The workshop gathered representatives from different ombudsman institutions. It was opened with some remarks by the Ombudsman of the Republic of Latvia, Mr. Juris Jansons, as well as opening words from IOI President Mr. Peter Tyndall and European Chairman of the IOI Mr. Rafael Ribó.

In the first session speakers looked at issues from GDPR supervision level, by indicating working in the EU with regulation already for many years as well as looking at relevant factors that might affect the application. The speakers also pointed to many sides of interest that should be taken into account. In this session participants were introduced with recent case law and experience from the perspective of the GDPR.

The second session was dedicated to GDPR and experience at national level. Speakers from different countries introduced their best practice examples as well as challenges that they are facing after the first year of GDPR. Some hot topics have been highlighted during this session. For example the question on how to implement privacy by design in the organization, how to be ready for digitalization, how to deal with information that organizations hold, how to communicate privacy information and what is the lawful basis for processing personal data.

The third session was a group work session where participants where asked to deal with different cases regarding data protection.

The next day started with presentations on the protection of personal data in the field of journalism in the context of the General Data Protection Regulation and definitions such as “citizen journalism” where speakers invited to think about different daily aspects of GDPR. For example, processing personal data in journalism photo publishing, minor data processing, rights to information, rights to restrict data processing, rights to be erased as well as commercial communications to readers. The speakers also asked question for discussion such as “who is considered a journalist and what is public interest?”

The second part consisted of group discussions on questions like the role of Ombudsman institution in data protection, the Ombudsman’s right to access information and the duty to receive consent under Art. 7 of GDPR when investigating the claim, the Ombudsman’s obligation to properly inform the data subject under Art. 14 of GDPR, data processing of the Ombudsman office’s case files for research purposes, data subject’s right to access information about their case file and the protection of other people’s data, archiving the person’s data and “the right to be forgotten” and others.

The Ombudsman’s Office of the Republic of Latvia would like to thank all participants for their input and hopes that everyone took something useful for their work from this workshop.

Source: Ombudsman's Office of the Republic of Latvia