Steve Peers

A recent Court of Justice of the European Union (CJEU) decision in the cases of YS and M and S clarified data protection rights for asylum-seekers. This judgment could also have wider implications for accessing documents in administrative procedures.

Two asylum-seekers in the Netherlands wanted to see file notes related to their cases. Instead of relying on the EU’s asylum procedures Directive, which grants access to reasons for negative decisions and interview reports but not all documents, they invoked the data protection Directive. The asylum-seekers argued that the legal analysis within their files constituted ‘personal data.’ However, the CJEU disagreed, stating that while the analysis might include personal data, it primarily reflects the application of law to the applicant’s circumstances based on the available data.

The Court argued this aligns with the data protection Directive’s goal of ensuring privacy and data accuracy, rather than granting a general right of access to administrative documents. The CJEU drew parallels to the Bavarian Lager judgment, where it ruled that the Directive doesn’t aim to increase transparency in EU decision-making.

Regarding access to personal data within the files, the CJEU decided that providing a clear summary of the processed data was sufficient, rejecting the argument for full file disclosure.

Concerning Article 41 of the Charter, which addresses the right to good administration, the CJEU clarified that it only applies to EU bodies, not national administrations. However, the right to good administration can still be invoked against national authorities as a general principle of EU law.

Comments

The Court’s justification for restricting data protection in these cases is unconvincing. Neither the data protection Directive nor the asylum procedures Directive differentiate between administrative documents containing personal data and other forms of personal data collection. Asylum-seekers clearly have an interest in understanding how their data is used in evaluating their applications and correcting any inaccuracies.

Claiming that the data protection Directive doesn’t grant access to administrative documents misses the point. The issue is whether it grants access to documents containing personal data, not all administrative documents. The comparison to the Bavarian Lager judgment is also irrelevant, as that case involved data protection conflicting with EU legislation on access to documents.

The Court’s decision regarding providing a clear summary of personal data aligns with the wording of the data protection Directive.

The Court’s interpretation of Article 41 of the Charter attempts to address previous inconsistencies, such as in its judgment on procedural rights in subsidiary protection applications. While the Charter provision applies only to EU institutions, the Court confirms that the right to good administration, as a general principle, can be asserted against national authorities.

This appears to be the first time the CJEU has confirmed that certain rights, while not explicitly in the Charter, are safeguarded as general principles of EU law. This raises questions about other potentially protected rights, the nuances between parallel rights to good administration, and the legal implications of general principles compared to Charter rights. However, in the context of asylum proceedings and other EU law areas, the confirmation that applicants can still enforce the right to good administration against national authorities is significant.

Barnard & Peers: chapter 8, chapter 9, chapter 26