Gloss on the ruling of the Supreme Administrative Court of 25 May 2022, case reference number III OSK 2273/21
Gloss on the ruling of the Supreme Administrative Court of 25 May 2022, case reference number III OSK 2273/21
Author(s): Dariusz WalencikSubject(s): Court case
Published by: Oficyna Wydawnicza Uczelni Łazarskiego
Keywords: data protection; Catholic Church; GDPR; autonomous and comprehensive rules of data protection;
Summary/Abstract: The glossed ruling covers two key issues concerning the application of the autonomous and comprehensive rules of the protection of natural persons with regard to the processing of personal data applied by organisational units of the Catholic Church in the territory of the Republic of Poland. The first issue concerns the possibility of further application of these autonomous, comprehensive rules after the GDPR came into force. The second issue concerns the ability to designate and grant a legal status to an independent separate supervisory authority: the Ecclesiastical Data Protection Officer. Approving the stance presented in the ruling of the Supreme Administrative Court, the gloss presents arguments confirming the fact that when the GDPR came into force, a regulation concerning the processing of personal data existed in the Catholic Church (it was primarily contained in the standards of the Code of Canon Law of 1983), which the Catholic Church, by the time specified in Article 91(1) GDPR, harmonised with the provisions of that legal act. Moreover, the mode of operation, the manner of designating or dismissing the Ecclesiastical Data Protection Officer does not have to be derived from the universally binding law. It may arise from the internal law of the Catholic Church, provided that the requirements laid down in Chapter VI GDPR, i.e. independence, fulfilment of general conditions concerning data protection supervisory authorities, secrecy, performance of tasks and exercise of the powers laid down in the GDPR (relevant competences), are met. This argument originates from the principle of autonomy and independence of churches and other religious organisations, guaranteed by the provisions of the Constitution of the Republic of Poland. The reasoning is also confirmed in recital 165 of the GDPR preamble, which states that “This Regulation respects and does not prejudice the status under the constitutional law of churches and associations or religious communities in the Member States, as recognised in Article 17 TFEU”.
Journal: Ius Novum
- Issue Year: 17/2023
- Issue No: 1ENG
- Page Range: 125-138
- Page Count: 14
- Language: English