Although the EU's 1995 Data Protection Directive1 is about to be replaced by new legislation, it is still a powerful tool in a jurist's toolbox. In a judgement (R./De Lage Landen Financiering) that became final this week, the District Court in 's-Hertogenbosch (the Netherlands) ordered a purported credit agreement to be striken from the national registry and the books of the bank De Lage Landen Financiering, considering the agreement is null. R., represented by us, argued that the registration of the agreement and her personal information constituted an unlawful infringement of her privacy, a right protected by the EU Charter of Fundamental Rights and the Directive. Banks providing credit were under Dutch law required to obtain a Consumer Credit Act (CCA)2 license in addition to their banking license. The court considered that at the time of conclusion of the credit agreement in 2004 the bank did not have such a CCA license and that this resulted in nullity of the agreement. As such R.'s rights under the Data Protection Directive are violated by the registration of R.'s personal information since the registration has no basis in law.
1. Directive 95/46/ECJudgement: District court Oost-Brabant 12 July 2016, 305718/EX RK 16/59