
In 2006, more and more companies, listed or not, should implement ethics alert ("whistleblowing") systems in the areas of finance, accounting, banking and the fight against money laundering. Starting with the National Commission on Informatics and Liberties (CNIL), which has just opened such a system, accessible on its website.

What are the criteria of legality of these systems under European law on the protection of personal data? Are some countries of the European Union more flexible than others in terms of data protection? A position of the data protection authorities, the "CNILs" of the European Union, gathered in the Article 29 Group, provides a negative answer to this question and sets the rules.

Ethics alerts must comply with the general European Directive No. 95/46 on the protection of personal data, since they involve the processing of personal data (identity, number, etc.) at the reporting stage (mail, hotline, etc.) or at the alert-processing stage (investigations, sanctions, etc.).

The report of the Article 29 Group imposes five levels of requirements. First, the system must be legitimate. This will be the case, for example, if it is intended to respond to the American Sarbanes-Oxley Act of 2002, or to obligations arising from national or international economic public order or from the rules governing the main stock exchanges (Nasdaq, NYSE).

Second, the requirements of data quality and proportionality must be met: limitation of the categories of persons who may use the system, objectivity of the facts gathered and their limitation to those relevant to the "whistleblowing", destruction of data unrelated to the aim pursued, or retention limited to the duration of the checks or of the proceedings (disciplinary, judicial).

In addition, alerts must, as far as possible, concern facts rather than individuals. It is specified, moreover, that the "whistleblower" can remain anonymous. But the European Group suggests non-anonymous alerts whose confidentiality would be highly secured.

In continuity with the French position, the Article 29 Group recalls the need to allow all natural persons concerned ("whistleblower", persons implicated or cited) to assert their rights: information at the time of recording, and the rights of access, rectification and opposition.

Nevertheless, it admits that these rights may not be exercised absolutely, because of the prevention and investigation purposes pursued. In the same sense, access to the data must not make it possible to reveal the identity of a "whistleblower" wishing to remain anonymous, or to endanger the persons cited.

On transparency, the potential users of the alert system must receive appropriate information: organization of the system, rights of individuals, whether or not data is transferred outside the EU, and consequences of non-use or misuse of the system.

The Article 29 Group also recalls that "whistleblowing" systems must be subject to formalities. The use of service providers, whether internal to a group of companies or external (call-centre provider, etc.), is allowed but must be surrounded by guarantees. Transborder data flows must likewise be guaranteed through the European model contract mechanisms or internal company rules. Member countries can subject these systems to a priori control (prior authorization) or a posteriori control (simple declaration or compliance undertaking).

The European position now places "whistleblowing" within a logic of "compliance" for the protection of personal data.