Many of you will probably have heard of CED at least once in your life But what is it about? What is it for? And above all, what are the rights of the interested parties?
Let us proceed in order to examine each of the aforementioned profiles.
1) What is the CED and what is it for. Regulatory sources and legal framework
The Data Processing Center of the Ministry of the Interior, conventionally indicated with the acronym “CED”, was established by art. 8 of law 1 April 1981, n. 121 with the task of taking care of the collection of information and managing the enormous database of the Department of Public Security, containing, among other things, police reports, administrative measures relating to narcotics and criminal judicial measures.
In particular, based on art. 6, letter. a), of the aforementioned regulatory text, the CED contains “the data that must also be provided by the police forces regarding the protection of order, public safety and the prevention and repression of crime and their distribution to the operational bodies of the aforementioned police forces”. The art. 7, paragraph 1, of the same law no. 121/1981 specifies that the aforementioned data processed “must refer to information resulting from documents which are in any case kept by the public administration or public bodies, or resulting from sentences or provisions of the judicial authority or from documents concerning criminal investigation that can be acquired pursuant to article 165-ter of the code of criminal proceedings or police investigations”.
Having said this, it is clear then that the purpose of the CED is essentially resolved in “processing of personal data by the competent authorities for the purposes of prevention, investigation, detection and prosecution of crimes or execution of criminal sanctions”, in accordance with the art. 1, paragraph 1, of Legislative Decree 18 May 2018, n. 51, transposition and implementation of EU Directive 2016/680.
In other words, the Ministry of the Interior, through the Department of Public Security, uses the CED as a fundamental tool for the protection of public order and safety, as well as for the prevention and repression of crime.
2) What are the rights of citizens affected by the processing of data collected in the DPC
The rights of citizens affected by the processing of data collected in the DPC are essentially two:
to) The right to access the aforementioned datai.e. to take into account the information collected about them by the Department of Public Security;
b) The right to request rectification or deletion of dataif the legal conditions are met.
In accordance with the third paragraph of the art. 10 of law no. 121/1981, in fact, “The person to whom the data refers may ask the office referred to in letter c) of the first paragraph of article 5 to confirm the existence of personal data concerning him, their communication in an intelligible form and, if the data are processed in violation of current provisions of law or regulation, their cancellation or transformation into anonymous form”.
Let us examine the two aforementioned rights separately.
to) As for first of all right of accesseach subject who believes himself to be interested in the processing of data by the Department of Public Security can send a request to find out if and what data concerning him are contained in the Interforce database.
As is obvious, the personal data present in the CED can be communicated only to the people to whom they refer or to those who have been specifically delegated by them by virtue of a written document.
In concrete terms, it will be sufficient to send the DPC – preferably via certified e-mail – a request, using the forms made available by the Administration (forms A/1 and A/2), or even on plain paper, to obtain, within 30 days, a response indicating the information and data relating to the applicant, which are kept and managed by the Ministry of the Interior.
The fourth paragraph of the aforementioned art. 10 points out that the applicant will not be communicated those data that could “jeopardize operations to protect public order and safety or to prevent and repress crime”. The Guarantor for the protection of personal data will be informed of the failure to communicate.
b) With regard to the right to rectification and deletion of data (as well as their transformation into anonymous form), it is noted that:
– in compliance with the third paragraph of the art. 10, the relevant request can be evaluated only if the data is processed in violation of current laws or regulations;
– an element of great complication is given by the fact that art. 57 of the legislative decree 30 June 2003, n. 196, previously to the reg. EU 2016/679, provided that the methods of implementing the principles of the code for the protection of personal data processed for police purposes should be regulated by a specific regulation. Following the repeal of the aforementioned art. 57 due to the art. 49, paragraph 2, of the legislative decree 18 May 2018, n. 51, of adaptation of our system to the aforementioned reg. EU 2016/679, the data retention times in the joint CED will have to be established by a new regulation, which however has not yet been issued to date;
– in case of refusal in response to the request for rectification, cancellation or anonymization of the data, the interested party can contact the territorially competent Court (in particular, the Court of Rome, as the Court of the place where the data controller is located, the Ministry of the Interior, through the Department of Public Security), which, having completed the necessary checks, will be able to dispose in the direction requested (see the fifth paragraph of the oft-cited art. 10);
– moreover, the interested party may also contact the Guarantor for the protection of personal data by making a specific complaint.
Conclusions
The CED is an extremely delicate instrument which requires the search for a delicate balance between the unavoidable needs of safeguarding public order and preventing crimes, on the one hand, and protecting the confidentiality of the subjects involved, on the other.
It will therefore be a good idea for interested parties to be aware of the rights that are guaranteed to them by the regulations in force and to decide to exercise them in the most correct manner, so as to protect themselves from an inappropriate exercise of their relevant data, if necessary, by cooperating with the Ministry of the Interior. , in its own interest, to ensure transparent and respectful use of police information (including criminally) relevant.
In this context, the uncertainties still persisting due to the failure to issue the aforementioned implementing regulation risk outlining a picture with undefined contours and “with variable geometry”, dangerously left to the mere discretion of the individual official assigned to respond to the specific request forwarded. From which comes the obvious corollary of the resurgence and in any case of the increase in litigation on the subject.
The hope, therefore, is that of a prompt intervention by the institutions, which in any case will not be able to make up for those information gaps on the institution in question, which this writing, due to its conciseness, has only been able to bring to the attention of the readers .
