Council of Mayor and Aldermen of Uithoorn – Court Ruling (Netherlands, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Council of Mayor and Aldermen of Uithoorn required a man to visit the town hall to verify his identity for a data erasure request. The court agreed, saying this was reasonable to prevent fraud. This decision shows that in-person verification can be necessary for sensitive requests.
What happened
The Council of Mayor and Aldermen of Uithoorn asked a man to visit in person to verify his identity for a data erasure request.
Who was affected
A person who requested the erasure of his personal data from the municipal records.
What the authority found
The court ruled that the Council could reasonably require personal identification at the town hall to ensure the requester's identity.
Why this matters
This ruling illustrates the importance of verifying identities for sensitive data requests and supports the use of in-person verification to prevent fraud. It highlights the balance between accessibility and security in handling personal data.
GDPR Articles Cited
The Council of Mayor and Aldermen of Uithoorn (which exercises the executive power of the municipal government) rejected the request of appellant to erase his personal data. He attached a certified copy of his passport to this request, but it was deemed insufficient to establish the applicant's identity properly and irrefutably. The Council of Mayor and Aldermen of Uithoorn requested the appellant to visit the town hall in person. Subsequently, the appellant requested that a DigiD link be e-mailed to enable him to identify himself, but such identification via DigiD was not yet possible at the municipality. By decision of 10 February 2020, the District Court of Amsterdam dismissed the appellant’s appeal against that decision as unfounded. The Court ruled that the Council of Mayor and Aldermen of Uithoorn could reasonably request the appellant to come and identify himself personally at the town hall, in order to prevent fraud. Such requirement was not deemed disproportionate, considering the irreversibility of the erasure of data and the importance of proper identification in this respect. The appellant lodged an appeal against this decision. Does the presentation of a copy of a passport provide sufficient information to verify the data subject's identity? Recital 64 of the GDPR states that the data controller should take all reasonable steps to verify the identity of a data subject requesting access. If there is reason to doubt the identity, additional information may be requested, as follows from Article 12(6) of the GDPR. In this case, the Council of State as of the opinion that there were other possibilities for establishing identity, which raised a lower threshold. The presentation of a copy of a passport, for example, is in principle considered a reasonable measure to verify identity. The fact that it is possible to falsify the copy of a passport and that it is impossible to check whether the document that has been scanned is authentic, as argued by the C
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Council of Mayor and Aldermen of Uithoorn in NL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Council of Mayor and Aldermen of Uithoorn - Netherlands (2020). Retrieved from cookiefines.eu
Last updated: