ITをめぐる法律問題について考える このページをアンテナに追加 RSSフィード






Article 4 Definitions

(4)‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

Article 22 Automated individual decision-making, including profiling

1. The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

2. Paragraph 1 shall not apply if the decision:


is necessary for entering into, or performance of, a contract between the data subject and a data controller;


is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests; or


is based on the data subject's explicit consent.

3. In the cases referred to in points (a) and (c) of paragraph 2, the data controller shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

4. Decisions referred to in paragraph 2 shall not be based on special categories of personal data referred to in Article 9(1), unless point (a) or (g) of Article 9(2) applies and suitable measures to safeguard the data subject's rights and freedoms and legitimate interests are in place.




Top 10 operational impacts of the GDPR: Part 5 - Profiling

This definition implicitly excludes data processing that is not “automated.”

Further elaboration of this definition may be found in the Recitals, where the GDPR establishes its jurisdiction over non-EU controllers provided they are “monitoring the behaviour of [EU] data subjects as far as their behaviour takes places within the European Union.” Processing activity involves data subject “monitoring” when “individuals are tracked on the Internet including potential subsequent use of data processing techniques which consist of profiling an individual, particularly in order to take decisions concerning her or him or for analysing or predicting her or his personal preferences, behaviours and attitudes.” This definition suggests that profiling is not equivalent to tracking, but instead is something more, involving the intention to take decisions regarding a data subject or predict the subject’s behaviors and preferences.








  • 出願ソフトで出願 →参考
  • 変換後の書類(送信ファイルフォルダ内の書類)を確認。エラーが出てたら直す。わからなければ、特許庁に問い合わせられる。
  • オンライン出願して受領証を表示。



  • 一件しか出願していないので、様子を見てもう一件出願する
  • 審査通知まで数か月程度要