Mishcon de Reya, the London-based law firm that has been a hard-to-miss presence in European data protection matters over the past year, on Tuesday said it had filed "a lengthy GDPR complaint in two languages (English and French) with the Luxembourg National Data Protection Commission," as it sought to "bring together the concerns raised by the European data protection community and relevant European judgements."
These judgements, Mishcon noted in a statement, included the French Constitutional Council's Oct. 21 2016 judgment on the illegality of public trust registers, (2016-591 QPC), the EU Court of Justice's so-called 'Schrems II' ruling in July, "and a wealth of other EU case law."
As reported, Mishcon issued a statement last Friday in which it pointed out that Luxembourg District Court ('Tribunal d'Arrondissement' ) was "understood" to have asked the Court of Justice of the European Union (CJEU) a number of questions relating to the validity of public registers of beneficial ownership.
In its statement on Tuesday, Mishcon said it's complaint with Luxembourg's data protection agency also mentioned "internal documents from the European Commission" that it said "show that during the legislative process that led to the amendment of Art. 30 4 [of the EU's Anti-Money-Laundering Directive], the Commission was opposed to the introduction of fully public registers, and instead wanted to maintain the requirement of a demonstrable 'legitimate interest' in order to access information contained on the registers."
Mishcon aid it was urging the Luxembourg regulator to "order the suspension of the processing and publication of sensitive personal data of new and existing 'beneficial owners' of Luxembourg companies; launch an investigation" into the matter, and "report urgently to the Luxembourg Parliament on the implications of the judicial reference to the CJEU for the rights of compliant citizens".
Mishcon partner Filippo Noseda, was quoted in the statement as noting that "due to the busy schedule of the CJEU", no action on the matter was likely for some time, but that, given the urgency of the issue, "we are planning similar steps in other EU Member States, to raise awareness and put the issue of public registers at the center of the data protection debate across the continent."
To read the Mishon de Reya statement on the company's website, click here.
Pressure to create
beneficial ownership registers
Pressure has been building recently on a number of countries, including the U.S. and many small jurisdictions some claim are tax havens, to introduce public registers of beneficial ownership as a means of eliminating one of the ways wealthy individuals are able to hide their assets from the tax authorities.
Critics, however, have long claimed that revealing such information can expose the individuals in question to such personal risks as kidnapping for ransom as well as the theft of their personal financial data by criminals.
As the Miscon recommendations to the Luxembourg data protection body suggest, such critics typically argue that registers that provide beneficial ownership details to law enforcement officials and other "authorized" individuals are sufficient to prevent tax evasion, while ensuring individuals' data isn't at risk to criminals and would-be scammers.
- RTL Luxembourg journalist highlights 'accidentals' issue for English-speaking EU audience
- Time magazine is latest mainstream U.S. publication to run major story on plight of America's 'accidentals'
- Mishcon's Noseda, as latest U.S. gov't data breach revealed: Beneficial ownership registers also vulnerable
- MEPs, European 'accidental' petitioner slam lack of response by EU Commission to U.S. 'extraterritoriality'
- 23-page EU Council 'working paper' on AEOI regs emerges, prompting concerns