The national court of civil proceedings as a Data Controller: limits and conditions of applicability of Articles 5 and 6 of the GDPR.

Prof. Avv. Alessandro del Ninno publishes an in-depth comment te to the March 3, 2023 judgment of the EU Court of Justice in Case C-268/21 (Norra Stockholm Bygg AB vs. Per Nycander AB).

The Court interpretatively clarified the scope of application of the provisions of Article 6 of the EU General Data Protection Regulation no. 679/2016 ("GDPR"), with particular reference to paragraph 3 (which provides that when a processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, the basis of the processing must be established either by EU law or by the law of the Member State to which the Data Controller is subject) and Paragraph 4 (which provides that where processing for a purpose other than that for which the personal data were collected is not based on the consent of the data subject or on a legislative act of the Union or of the Member States, such processing for another purpose must be compatible with the purpose for which the personal data were originally collected).

In particular, the CJEU: (1) clarifies the relationship between GDPR and substantive and procedural rules governing civil judicial proceedings; (2) clarifies that judicial authorities are also subject to the General Data Protection Regulation, as the court ordering the production of a document containing personal data of third parties can take on the role of Data Controller; (3) stresses that the GDPR finds parallel and supplementary application of the substantive and procedural rules on the basis of which a national court orders the production of a document containing personal data of third parties; (4) highlights the conditions of lawfulness of further data processing (in the context of judicial production of an electronic register containing personal data of third parties) with respect to different original purposes, requiring the national court to weigh also the interests of third parties outside the court.