Privacy & Information Security Law Blog

On November 22, 2022, the Court of Justice of the European Union (“CJEU”) determined in a preliminary ruling that the general public’s access to information on beneficial ownership constitutes a serious interference with the fundamental rights to respect for private life and to the protection of personal data, enshrined in Articles 7 and 8 of the Charter of Fundamental Human Rights (the “Charter”).

The Facts

In accordance with the EU anti-money-laundering directive, a Luxembourg national law adopted in 2019 established a Register of Beneficial Ownership (the “Register”) and requires that a series of information on the beneficial owners of registered entities be entered and retained in the Register. Some of this information is made available to the public, including via the internet. The national law also provides that a beneficial owner may request Luxembourg Business Registers (“LBR”), the administrator of the Register, to restrict access to such information in certain cases.

Two actions were brought in the Luxembourg District Court (“District Court”) in relation to the restriction of information by the LBR in which the District Court considered that the disclosure of such information is capable of entailing a disproportionate risk of interference with the fundamental rights of the beneficial owners concerned. The District Court then referred a series of questions to the CJEU for a preliminary ruling concerning the interpretation of certain provisions of the anti-money-laundering directive and the validity of those provisions in light of the Charter.

The Decision

The CJEU held that the provision of the anti-money-laundering directive, whereby Member States must ensure that the information on the beneficial ownership of corporate and other legal entities incorporated within their territory is accessible in all cases to any member of the general public, is invalid. According to the CJEU, the general public’s access to information on beneficial ownership constitutes a serious interference with the fundamental rights to respect for private life and to the protection of personal data under the Charter. The CJEU noted that making the information publicly available enables a potentially unlimited number of persons to find out about the material and financial situation of the beneficial owner. The information also can be retained and disseminated by anyone who accesses it, which, according to the CJEU, increases the potential abuse of the information.

In its decision, the CJEU clarified that the EU legislature is pursuing an objective general interest with regard to the anti-money-laundering directive (i.e., seeking to prevent money laundering and terrorist financing), and that an objective interest is capable of justifying interferences with the fundamental rights of the Charter. However, the CJEU went on to hold that the interference entailed by making the information publicly accessible is neither limited to what is strictly necessary, nor proportionate to the objective pursued. In doing so, it referred to the previous regime and concluded that this regime amounts to a considerably more serious interference with Articles 7 and 8 without there being any clear benefits to offset the increased interference.  As this was a preliminary ruling from the CJEU, the District Court will now consider the CJEU’s decision in light of the cases before it.