Tải bản đầy đủ - 0 (trang)
13 DPAs Are Accountable to the Judiciary and Not Totally Free from Parliamentary Influence

13 DPAs Are Accountable to the Judiciary and Not Totally Free from Parliamentary Influence

Tải bản đầy đủ - 0trang

7.13  DPAs Are Accountable to the Judiciary and Not Totally Free…


on a similar matter in Commission v European Central Bank.307 That ruling is even

more precise than Commission v Germany. Independence of the ECB – which is, as

was explained before, surrounded by strong safeguards – does not mean that the

ECB is entirely separated from the EU framework and exempt from rules of EU law.

The Court confirmed that there is judicial accountability before the Court itself as

well as control by the Court of Auditors. Moreover, the ECB is subject to various

other measures adopted by the EU legislature, such as, for instance, the data protection regime as laid down in Regulation 45/2001, including the control by the EDPS.

The ruling of the Court in Commission v European Central Bank can, therefore,

be understood as meaning that the ECB operates within the institutional system of

the European Union, and is accountable within this system. The same can be said

about the DPAs under the Court’s case law.

The term accountability – as an obligation of public bodies, not to be confused

with the accountability of data controllers and processors under EU data protection

law308 – is used in the literature both in a wider and a narrower sense.309 In the wider

sense it is similar to the notion of ‘good governance’; in a narrower sense it is

described as the obligation to explain and justify conduct.310 Here, the latter, narrow

understanding is used, for the reason that we are focusing on accountability as a

constraint for complete independence.

7.13.1  J udicial Accountability as Compensation for the Loss

of Full Parliamentary Control

Under the rule of law, the procedures before the authorities and the possibilities for

judicial review of the acts of the authorities must respect the rights to an effective

remedy and fair trial. The requirement of a complete system of judicial protection

follows from the right to an effective remedy and to a fair trial under Article 47


This requirement plays a role in the General Data Protection Regulation.311 The

issue is how effective remedies can be ensured in a multi-jurisdictional environment

 Case C-11/00, Commission v European Central Bank, EU:C:2003:395, at 135.

 See Chap. 6, Sect. 6.14.


 Mark Bovens, Analysing and Assessing Accountability: A Conceptual Framework, European

Law Journal, Vol. 13, No. 4, July 2007, pp. 447–468, at 449–450.


 Also in this narrower sense accountability is sometimes seen as more than judicial and democratic accountability, M. Busuioc and M. Groenleer in Everson, Michelle, Cosimo Monda, and

Ellen Vos (eds), 2014, EU Agencies in between Institutions and Member States, Kluwer Law

International 2014, at 192. We stick to judicial and democratic accountability, because this links

directly to the rule of law and democracy, and closely links to legitimacy, as understood in this

book (see Chap. 1, Sect. 1.2).


 Particularly in Chapter VIII thereof.




7  Understanding the Role of Independent, Effective and Accountable DPAs: New…

where DPAs of several Member States may be involved, and where judicial authorities of several Member States claim jurisdiction. In addition, where decisions are

taken at the EU level that are of direct and individual concern to a person312 the

Court of Justice has jurisdiction under Article 263 TFEU.

Full judicial accountability of expert bodies – and of DPAs in particular – can be

seen as a means to compensate for the loss of democratic control. However, the

expertise required for the governance of a technically complicated area may also

inhibit full judicial control of the acts of these expert bodies. In this perspective, it

makes sense to recall that the Court allows broad discretion in situations involving

political, economic and social choices that require complex assessments and evaluations being made. In such cases, the Court exercises scrutiny in a restrained manner. The criterion “applied is not whether a measure adopted in such an area was the

only or the best possible measure, since its legality can be affected only if the measure is manifestly inappropriate”.313

Advocate General Cruz Villalón proposes transposing this approach to the activities of the ECB and expresses the view that judicial review must be cautious.314 One

can question whether this same approach is appropriate in situations where powers

are given to unelected bodies and where democratic control is by nature limited.

Must the limitations in democratic control not be compensated by full judicial control? The answer to this question is not obvious.

Moreover, although different positions can be taken on the intensity of the judicial review in complex cases, it is beyond doubt that judicial accountability is an

important element legitimising expert bodies such as DPAs. Judicial accountability

of DPAs is wider than accountability before a judge in the exercise of its tasks. It

also means that institutional aspects that apply to the DPAs as public authorities

may be subject to judicial review.

The most obvious example is the removal from office of members of DPAs

before their term has ended. According to the Court, the threat of a premature termination as such is incompatible with independence.315 Premature termination is,

therefore, only possible under strictly limited conditions that relate to the person


 The issue of giving decision making power to the European Data Protection Board led to intensive discussions in the legislative procedure, not at least because of its impact on Article 47 Charter.


 Case C-58/08, Vodafone and Others, EU:C:2010:321, at 52.


 Opinion AG Cruz Villalón in Case C-62/14, Gauweiler and others, EU:C:2015:7: “111. The

ECB must accordingly be afforded a broad discretion for the purpose of framing and implementing

the Union’s monetary policy (58). The Courts, when reviewing the ECB’s activity, must therefore

avoid the risk of supplanting the Bank, by venturing into a highly technical terrain in which it is

necessary to have an expertise and experience which, according to the Treaties, devolves solely

upon the ECB. Therefore, the intensity of judicial review of the ECB’s activity, its mandatory

nature aside, must be characterised by a considerable degree of caution.”


 Case C-288/12, Commission v Hungary, EU:C:2014:237, e.g. at 54.

7.14  Democratic Accountability: Independence Should Not Mean That Expert Bodies…


concerned and not to the performance of the tasks, and can only be pronounced by

judicial authorities,316 or is at least subject to other strict rules and safeguards.317

Other examples are staff rules or budget rules, which DPAs should comply with

in the same way as any other public authority. They should also comply with rules

on transparency. As far as these institutional aspects are concerned, compliance is

not merely a legal obligation but it is also an expression of the democratic accountability of DPAs, or, in other words, their social responsiveness.318

7.14  D

 emocratic Accountability: Independence Should Not

Mean That Expert Bodies Act in a Non-controllable

and Arbitrary Manner

Independence should not lead to a situation in which expert bodies act in a non-­

controllable and arbitrary manner.319 In any event, there must be safeguards that

these bodies act in a socially desirable way, in accordance with their mandate. This

form of accountability should be ensured, also with a view to respecting the substance of the democratic structure of the state.320 However, the interpretation by the

Court of Justice of the complete independence of DPAs seems to contradict the idea

that these types of safeguards could be imposed. DPAs are independent in making

policy choices, even if these choices may not always be socially desirable. This

makes sense, in the light of the task of DPAs to protect a fundamental right that

should not be dependent on the social perceptions of a majority and may even

change over time. The obvious example of a social perception that may be subject

to change is the acceptance of the use of personal data for security purposes. In the

period after a terrorist attack this acceptance may be different than before, but that

does not mean that the independent body must adapt its position on how to ensure

privacy and data protection. Of course, this is different where the changed social

perceptions of a majority lead to a change of the law. The DPAs should respect the



 E.g. Article 42 of Regulation 45/2001.

 Under Directive 95/46, as interpreted in Case C-288/12, Commission v Hungary, EU:C:2014:237.

See also Article 53(4) GDPR, which mentions “serious misconduct”.


 Annotation by Jiří Zemánek, 49 CMLR (2012), 1755–1768, at 1765, on Case C-518/07,

Commission v Germany, EU:C:2010:125.


 As stated by M. Busuioc and M. Groenleer, EU Agencies in between Institutions and Member

States, Edited by: Michelle Everson, Cosimo Monda, Ellen Vos, January 2014, at 175. See also

Sect. 7.9.


 Critical reactions on the CJEU’s extensive interpretation of independence of DPA relate to the

effects on the democratic structure, annotation to Case C-518/07, Commission v Germany, on the

independence of data protection authorities by Jiří Zemánek 49 CMLR (2012), 1755–1768.



7  Understanding the Role of Independent, Effective and Accountable DPAs: New…

The high standards for independence under EU law have as a consequence that

an essential part of the enforcement of privacy and data protection is delivered by

expert authorities outside the traditional trias politica, albeit under judicial control.

This is even more relevant since their mandate focuses on privacy and data protection, but also requires that other interests need to be taken into account in decision-­

making processes.

Furthermore, although the national data protection authorities operate within the

national jurisdiction, their actions may have cross-border effects and, in addition,

they also have responsibilities at the EU level. This positioning further complicates

the democratic legitimacy and accountability. It is not clear whether the DPAs are –

primarily– accountable at the international level or the national level. The responsibilities of the DPAs at the level of the European Union will be even more predominant

under the General Data Protection Regulation, which intends to establish a mechanism of enforcement cooperation between the authorities and within a European

Data Protection Board.

Whereas judicial accountability of DPAs for their performance is an obvious element of the functioning operation of these authorities under the rule of law, democratic accountability is a more complicated matter, since this aspect of accountability

restricts the very nature of independence itself. In a slightly different wording: an

essential element of the independence of DPAs is that their performance is not scrutinised by majoritarian bodies.321

7.14.1  T

 he Wider Context of Accountability of Public Bodies:

Three Perspectives

Bovens distinguishes three perspectives for considering accountability,322 a democratic, a constitutional and a learning perspective. Although these perspectives are

primarily relevant for elected bodies – accountability may have consequences in

elections –, they also provide a good basis for scrutinising the accountability of


The democratic perspective aims at giving the people control over activities of

public bodies and goes back to the basics of a democracy. The position of a public

body is the result of a chain of delegation and it is ultimately the people that transferred sovereignty to public bodies. Accountability in this perspective means that

individuals are enabled to monitor and evaluate the performance of a public body.

For DPAs this may mean that emphasis should be given to the transparency of their

performance to the public. In this respect, a parallel exists with the obligations for


 This is not necessarily applicable to agencies: DPAs do not have a principal to whom they are

accountable. See on this in relation to agencies, M. Scholten, The Political Accountability of EU

Agencies: Learning from the US Experience, (dissertation Maastricht, 2014), in particular Chap. 1.


 Mark Bovens, Analysing and Assessing Accountability: A Conceptual Framework, European

Law Journal, Vol. 13, No. 4, July 2007, pp. 447–468, at 462–467.

Tài liệu bạn tìm kiếm đã sẵn sàng tải về

13 DPAs Are Accountable to the Judiciary and Not Totally Free from Parliamentary Influence

Tải bản đầy đủ ngay(0 tr)