March 28, 2021
Compliance: at the moment
Nov. 16, 2019
The Government itself collects personal data on social networks, without the consent of the parties concerned, but for a good cause: the fight against tax fraud. What should we think about it legally?
The Finance Bill has proposed to the Parliament to vote an article 57 whose title is: Possibilité pour les administrations fiscales et douanières de collecter et exploiter les données rendues publiques sur les sites internet des réseaux sociaux et des opérateurs de plateformes (translation: Possibility for the tax and customs administrations to collect and exploit the data made public on the websites of social networks and platform operators).
Its content is as is in the text voted on in the National Assembly as follows:
"(1) I. - On an experimental basis and for a period of three years, for the purposes of investigating the offenses mentioned in b and c of 1 of article 1728, in articles 1729, 1791, 1791 ter, in 3 °, 8 ° and 10 ° of article 1810 of the general tax code, as well as articles 411, 412, 414, 414-2 and 415 of the customs code, the tax administration and the customs administration and indirect rights may, each as far as it is concerned, collect and exploit by means of computerized and automated processing using no facial recognition system, freely accessible content published on the internet by the users of the online platform operators mentioned in 2 ° of I of article L. 111-7 of the consumer code.
(2) The processing operations mentioned in the first paragraph are carried out by agents specially authorized for this purpose by the tax and customs authorities.
(3) When they are likely to contribute to the detection of the offenses mentioned in the first paragraph, the data collected are kept for a maximum period of one year from their collection and are destroyed at the end of this period. However, when used within the framework of criminal, tax or customs proceedings, this data may be kept until the end of the proceedings.
(4) The other data are destroyed within a maximum period of thirty days from their collection.
(5) The right of access to the information collected is exercised with the assignment service of the agents authorized to carry out the processing mentioned in the second paragraph under the conditions provided for by article 42 of law n ° 78-17 of January 6, 1978 relating to data processing, the files and freedoms.
(6) The right to object, provided for in article 38 of the same law, does not apply to the processing operations mentioned in the second paragraph.
(7) The terms of application of this I are set by decree of the Council of State.
(8) II. - The experiment provided for in I is the subject of an evaluation, the results of which are forwarded to Parliament as well as to the National Commission for Data Protection at the latest six months before its end. "
This initiative provoked many comments, rather reserved, even after the explanations given by the Minister of Budget to the National Assembly.
What to think of it legally?
Because the situation is quite simple, that is why it is difficult: on the one hand, the State will collect personal information without the authorization of the persons concerned, which is contrary to the very object of the law of 1978 , which results in full disapproval; on the other hand, the administration obtains the information to prosecute tax and customs offenses, which materializes the general interest itself.
So what about it?
June 28, 2019
It is often observed, even theorized, even advised and touted, that Compliance is a mechanism by which public authorities internalize political (eg environmental) concerns in big companies, which accept them, in Ex Ante, because they are rather in agreement with these "monumental goals" (eg saving the planet) and that this shared virtue is beneficial to their reputation. It is observed that this could be the most successful way in new configurations, such as digital.
But, and the Compliance Mechanism has often been brought closer to the contractual mechanism, this is only relevant if both parties are willing to do so. This is technically true, for example for the Deferred Prosecution, which requires explicit consent. This is true in a more general sense that the company wants to choose itself how to structure its organization to achieve the goals politically pursued by the State. Conversely, the compliance mechanisms work if the State is willing to admit the economic logic of the global private players and / or, if there are possible breaches, not to pursue its investigations and close the file it has opened, at a price more or less high.
But just say No.
As in contractual matters, the first freedom is negative and depends on the ability to say No.
The State can do it. But the company can do it too.
And Daimler just said No.
Publicly, including through an article in the Wall Street Journal of June 28, 2019.
The company sets out in a warning to the market that it is the object of a requirement on the part of the German Motor Authority (Kraftfahrt-Bundesamt) of an allegation of fraud, by the installation of a software, aimed at misleading instruments for measuring emissions of greenhouse gases on cars using diesel.
It is therefore an environmental compliance mechanism that would have been intentionally countered.
On this allegation, the Regulator both warns the company of what it considers to be a fact, ie compliance fraud, and attaches it to an immediate measure, namely the removal of the circulation of 42,000 vehicles sold or proposed by Daimler with such a device.
And the firm answers : "No".
Which is probably only beginning, since a No ends the dialogue of Ex Ante to project in the Ex Post sanction procedures, calls 6 observations:
March 18, 1878
Thesaurus : 02. Cour de cassation