Opinions Prior Check and Prior Consultations

Avis du 29 novembre 2007 sur la notification d'un contrôle préalable à propos du dossier "procédure de certification" (Dossier 2007-353)

1. la détermination par l'AIPN du nombre de fonctionnaires autorisés à suivre le programme de formation et la publication d'un appel à candidatures;
2. l’examen de l’admissibilité des candidatures par l'AIPN;
3. l’établissement par l'AIPN de la liste des fonctionnaires sélectionnés pour participer au programme de formation;
4. la participation au programme de formation organisée par l'Ecole européenne d'administration;
5. l’organisation d’épreuves écrites et orales et l’établissement par l'Office européen de sélection du personnel de la liste des fonctionnaires ayant réussi les épreuves attestant qu'ils ont suivi avec succès le programme de formation;
6. la publication par l'AIPN de la liste des fonctionnaires ayant réussi les épreuves.

Dans le cadre de ses recommandations, le CEPD a notamment souligné que le Comité des Régions joigne au dossier personnel de la personne concernée les appels motivés des candidats qui contestent la liste de projet ou/et la liste finale. Il a été également recommandé le Comité des Régions ajoute au dossier personnel les conclusions et les raisons pour ces conclusions de l'avis du Comité de Certification concernant l'appel d'une personne concernée afin d'assurer que ce dossier soit complet et que le droit d'accès et de rectification de la personne concernée soient garantis.

Opinion of 29 November 2007 on a notification for prior checking concerning the "attestation procedure" case (Case 2007-352)

The Committee of the Regions (COR) is organising a selection procedure for officials authorised to follow the attestation exercise. The purpose of the data processing is to select officials serving in categories C or D before 1 May 2004 who may become members of the assistants' function group without career restriction.
The attestation procedure comprises three stages: publication of a call for applications; establishment of a list of applicants admitted to the attestation procedure; attestation on posts recognised as "administrative assistant" level. Consideration is given to criteria linked to merit, level of training, seniority and professional experience.
The main recommendations issued by the EDPS in his opinion on attestation relate to the time limit for storage of data collected in the personal file, the adequacy of security measures attached to this storage and information to the data subjects.

Opinion of 22 October 2007 on the notification for prior checking regarding the "Promotion of permanent staff" (Case 2007-407)

Le CEPD a examiné le traitement de données à caractère personnel et en a conclu que celui-ci ne paraît pas entraîner de violations des dispositions du règlement (CE) 45/2001 pour autant que certaines recommandations soient suivies,  en particulier: qu'un délai raisonnable soit fixé pendant lequel les données relatives à la procédure de promotion peuvent être conservées ; qu'une consigne de vigilance soit ajoutée en ce qui concerne les notes circonstanciées d'évaluation, afin de veiller à ce que les données introduites dans ces notes répondent aux exigences de l'article 4.1.c. ; que la personne concernée doit être informée au moment de la collecte des données de l'identité du responsable du traitement, de ses finalités, des catégories et de l'origine de données concernées, des destinataires, de son droit d'accès et de rectification, de la base juridique du traitement, du délai de conservation des données et de son droit de saisir à tout moment le CEPD ; que si des données sensibles au sens de l'article 10 du règlement n°45/2001 sont traitées, le traitement doit être prévu par l'une des exceptions de l'article 10.2 du règlement 45/2001.

Opinion of 22 November 2007 on a notification for prior checking on the procedure for early retirement without reduction of pension rights (Case 2007-575)

The EDPS issued an opinion on the processing of personal data in this procedure in which he concluded that there is no reason to believe that the processing of personal data in the procedure for early retirement at OHIM presents a breach of the provisions of Regulation 45/2001 provided certain recommendations are taken into account notably that OHIM reassesses the conservation period for applications; that OHIM justifies the necessity of keeping data relating to selected candidates available via the intranet for a period of 5 years and that access to the decisions of the Management Committee should be granted to data subjects regarding data relating to them subject to certain limitations based on Article 20§1(c).

Opinion of 21 November 2007 on a notification for prior checking on information and intelligence data pool and intelligence databases (Joint cases 2007-27 and 2007-28)

Information and Intelligence Data Pool” is the description given to all data held within the remit of Operational Intelligence Unit C4 in OLAF, including the Intelligence Databases.

Operational Information and Intelligence support are essential aspects of OLAF’s mandate to fight fraud, corruption, and any other illegal activity affecting the financial interests of the European Community, and serious matters relating to the discharge of professional duties - as established in Article 1 of Regulation (EC) n° 1073/1999 and Commission Decision 1999/352/EC Article 2 (5).

The purpose of the processing under analysis is then to further OLAF intelligence/analysis and operational activity. It also aims to support specific case requests, operations and investigations with a view to ensuring the optimum accuracy and relevance of information received, disseminated and otherwise processed for intelligence, financial, administrative, disciplinary and judicial use. This support may be provided throughout the various stages of OLAF investigation and operational activities, over all sectors and is recorded within the CMS (Case Management System) where applicable.

OLAF’s operational intelligence role also includes supporting the control, intelligence and enforcement activities in Member States, for OLAF partners and Operational DGs. Chapter 2.4.3 of the OLAF Manual further explains the role of OLAF's operational intelligence.

In his prior checking Opinion, the EDPS issued the main following recommendations:

• to acknowledge in the intelligence files when any restriction based on Article 20 of the Regulation is operated;
• to respect the confidentiality of the identity of whistleblowers during OLAF intelligence activities and in the later stages when appropriate;
• to provide the information (Article 12 of the Regulation) to the data subjects whose names appear in the documentation under analysis, but who are not persons concerned, witnesses, whistleblowers or informants, unless such activity would be impossible or would involve a disproportionate effort, in which case the obligation to provide directly the information could only be replaced by the indirect provision through the privacy statement published on the OLAF website. The same principle should be applied when intelligence activities are conducted independently of an investigation;
• to supplement the publication on the website with personalised information notices addressed to individuals (unless such activity would be impossible or would involve a disproportionate effort). The EDPS therefore calls upon OLAF to develop practices in providing personalised information to the individuals concerned to the degree it is appropriate in the context of intelligence activities and inform the EDPS about such guidelines.