חומר רקע
סקירה משווה–
צו הפסקת עיבוד מידע
( האיחוד האירופיGDPR
)
סעיף58
(2
()
f) ל -
GDPR
מקנה סמכות לרשות הגנת המידע להוציא צו זמני או קבוע המגביל או
.אוסר על עיבוד מידע
58.2 Each supervisory authority shall have all of the following corrective powers:
[…]
(f) to impose a temporary or definitive limitation including a ban on processing;
בריטניה
סעיפים149-150
לחוק הגנת המידע הבריטי
מסמיכים את רשות הגנת המידע (
ICO
) להט יל
איסור
על עיבוד מידע .
149. Enforcement notices (1) Where the Commissioner is satisfied that a person has
failed, or is failing, as described in subsection (2), (3), (4) or (5), the Commissioner may
give the person a written notice (an “enforcement notice”) which requires the person—
(a) to take steps specified in the notice, or (b) to refrain from taking steps specified in the
notice, or both (and see also sections 150 and 151).
150. Enforcement notices: supplementary (1) An enforcement notice must— (a) state
what the person has failed or is failing to do, and (b) give the Commissioner’s reasons
for reaching that opinion. (2) In deciding whether to give an enforcement notice in
reliance on section 149(2), the Commissioner must consider whether the failure has
caused or is likely to cause any person damage or distress. (3) In relation to an
enforcement notice given in reliance on section 149(2), the Commissioner’s power under
section 149(1)(b) to require a person to refrain from taking specified steps includes
power— (a) to impose a ban relating to all processing of personal data, or (b) to
impose a ban relating only to a specified description of processing of personal data,
including by specifying one or more of the following— (i) a description of personal data;
(ii) the purpose or manner of the processing; (iii) the time when the processing takes
place.
צרפת
סעיף20
(3
()
3) לחוק
הגנת המידע
הצרפתי
( מסמיך את רשות הגנת המידעCNIL) להטיל
איסור על
,עיבוד מידע. בנוסף סעיף21
קובע שבמקרי חירום ניתן לקבוע השעיית עיבוד
למשך שלושה
חודשים .
20 (iii). Where the controller or his processor fails to comply with the obligations arising
from Regulation (EU) 2016/679 of 27 April 2016 or this Act, the Chair of the CNIL may
also, after sending him the warning stipulated in I of this Article or, in addition to issuing
a formal notice stipulated in II, refer the matter to the Restricted Committee of the CNIL
so that it may, following the adversarial procedure, decide on one or more of the
following measures:
[…]
3. With the exception of processing in the interests of State security or defense
or processing operations covered by Title III of this Act when they are carried
out on behalf of the State, a temporary or permanent suspension or
prohibition of processing, or the withdrawal of an authorization granted
under the same Regulation or under this Act.
21. In cases where failure to comply with the provisions of Regulation (EU) 2016/679 of
27 April 2016 or this Act leads to a violation of the rights and freedoms mentioned in
Article 1 of this Act and where the Chair of the CNIL considers that there is an urgent
need to act, the Chair will refer the matter to the Restricted Committee, which may, in
the context of an adversarial emergency procedure defined by decree of the Council of
State, adopt one of the following measures:
1. A temporary suspension of processing operations, including data transfer
outside the European Union, for a maximum period of three months,
provided that the processing is not in the interests of State security or defense or
processing covered by Title III when it is carried out on behalf of the State.
אירלנד
סעיף134
לחוק
הגנת המידע
האירי מסמיך את רשות הגנת המידע לפנות לבית המשפט, בין היתר
בבקשה ל .צו הפסקת עיבוד
134. (1) Without prejudice to Articles 58(2) and 66 of the Data Protection Regulation
and subsection (4), the Commission, where it considers that there is an urgent need
to act in order to protect the rights and freedoms of data subjects under a relevant
enactment, until steps or further steps are taken under the relevant enactment,
may, on notice to the controller or processor concerned, make an application in a
summary manner to the High Court for an order under subsection (2).
(2) The High Court may determine an application under subsection (1) by— (a) making
any order that it considers appropriate, including an order suspending, restricting or
prohibiting— (i) the processing by the controller or processor of the personal data
concerned, or (ii) the transfer by the controller or processor of such data to a recipient
in a third country or to an international organization, for such period, or until the
occurrence of such event, as is specified in the order, and (b) giving to the Commission
any other direction that the High Court considers appropriate.
ברזיל
סעיף52
לחוק הגנת המידע
הברזילאי
(משנת2020
)
מסמיך את רשות הגנת המידע להורות על
השעיה חלקית של פעילות המאגר לתקופה זמנית עד אשר תוסדר
פעולת העיבוד
(סעיף קטן10
;)
להורות על השעיה מלאה של פעילות המאגר לתקופה של6 חודשים, שניתן להאריכה ב-6
חודשים
נוספים (סעיף קטן11); או להורות על השעיה חלק ית או מלאה ,של פעולת עיבוד המידע ללא הגבלת
.זמן
Art. 52. Data processing agents that commit infractions of the rules provided in this Law
are subject to the following administrative sanctions, to be applied by the national
authority:
"X – partial suspension of the operation of the database related to the infraction for
a maximum period of 6 (six) months, extendable for the same period, until the
normalization of the processing activity by the controller;
XI – suspension of the personal data processing activity related to the infraction for
a maximum period of 6 (six) months, extendable for the same period;
XII – partial or total prohibition of activities related to data processing."
שווי
יץ
סעיף51
לחוק הגנת המידע
השוויצרי
(החוק עודכן בשנת2020
)
מסמיך את רשות הגנת המידע
הפדרלית להורות על סיום, השעיה או שינוי עיבוד המידע, כולו או חלקו, וכן להורות על מחיקת
.המידע או השמדתו
Article 51 Administrative Measures
1. If data protection regulations have been violated, the FDPIC may order that the
processing be modified, suspended or terminated, wholly or in part, and the
personal data deleted or destroyed, wholly or in part.
2. It may delay or prohibit disclosure abroad if this violates the requirements of Article
16 or 17 or provisions relating to the disclosure of personal data abroad in other
federal acts.
דרום קוריאה
סעיף64
לחוק הגנת המידע בדרום קוריאה קובע
כי רשות הגנת המידע
רשאית להורות על הפסקת
.ההפרה או על השעיה זמנית של עיבוד מידע אישי
Article 64 (Corrective Measures)
(1)
Where the Protection Commission deems that there is substantial ground to
deem that there has been infringement with respect to personal information, and failure
to take action is likely to cause damage that is difficult to remedy, it may order the
violator of this Act (excluding central administrative agencies, local governments, the
National Assembly, the Court, the Constitutional Court, and the National Election
Commission) to take any of the following measures:
1. To suspend infringement with respect to personal information;
2. To temporarily suspend personal information processing;
3. Other measures necessary to protect personal information and to prevent personal
information infringement.