European Data Protection Supervisor
European Data Protection Supervisor

Opinions Prior Check

Opinions Prior Check

Some of the procedures that EU institutions put in place pose risks to the data protection rights and freedoms of individuals.

EU institutions are obliged by the Regulation to notify us before putting in place these risky procedures or data processing operations. They are not required to notify us each time the processing takes place.

Article 27(1) of Regulation (EC) No 45/2001 outlines the types of processing that should be notified to us:

  • The processing of certain special categories of data such as health data in pre-recruitment medical exams;
  • The processing intended to evaluate persons such as in staff appraisals, recruitment and selection of staff or contractors under procurement procedures or external experts;
  • Processing which excludes persons from a right, benefit or contract such as blacklisting for project funding;
  • When data is collected for one purpose and potentially used for another without any legal justification (legal basis) for doing so such as linking databases that serve different purposes.

Where an EU institution is unsure whether to notify us, their data protection officer can consult us for advice to confirm.
Once we have received a notification, we issue recommendations as required, to help the EU institutions make the procedure comply with the data protection rules. Our follow up work includes verifying that our recommendations have been implemented by the institution.

In general, our prior checking Opinions are public, but we may delete sensitive elements where necessary, relating to security for example.

On average we receive around 130 such notifications per year.

Filters

Pages

17/01/2018
17
Jan
2018

Administrative inquiries and disciplinary proceedings - EIT

Prior-check Opinion on "administrative inquiries and disciplinary proceedings" at European Institute of Technology & Innovation (EIT) (Case 2016-1165)

14/12/2017
14
Dec
2017

Activities of the medical service of the EEAS - EEAS

Prior-checking Opinion regarding the activities of the EEAS’ medical service (EDPS case 2016-0780)

14/12/2017
14
Dec
2017

Selection and recruitment of temporary agents, contract agents and seconded national experts - EIOPA

Notification on the selection and recruitment of temporary agents, contract agents and seconded national experts at EIOPA (case 2013-0541)

14/12/2017
14
Dec
2017

Procédure de détection, gestion et résolution de l’insuffisance professionnelle - CEPD

Avis de contrôle préalable ex post concernant la procédure de détection, gestion et résolution de l’insuffisance professionnelle au CEPD (dossier CEPD 2017-0489)

01/12/2017
1
Dec
2017

Appointment procedure - EUIPO

Prior-check Opinion on the European Parliament’s participation in the appointment procedure of the Executive Director, the Deputy Executive Director(s), the President of the Boards of Appeal, and the Chairpersons of the Boards of the European Union Intellectual Property Office (Case 2017-0345)

29/11/2017
29
Nov
2017

Whistleblowing Policy - EIB

Prior-check Opinion on the Whistleblowing Policy of the European Investment Bank (Case 2016-0381)

20/11/2017
20
Nov
2017

Appointment and engagement procedures - CdT

Prior-checking Opinion regarding the updated notification for appointment and engagement procedures at the Translation Centre for the bodies of the European Union (EDPS case 2016-0377)

16/11/2017
16
Nov
2017

Selection of confidential counsellors - EIB

Prior-checking Opinion regarding the selection of confidential counsellors at the European Investment Bank (case 2017-0136)

Confidential counsellors become active in informal anti-harassment procedures, a topic on which the EDPS has published Guidelines. The selection of such counsellors, in this case by the EIB, is subject to prior-checking by the EDPS because it involves an evaluation of the applicants' ability to perform the function, and possibly processing operations related to health. In the case at hand, the EDPS recommended spelling out the modalities of the procedure leading to the selection of confidential counsellors in rules of normative value, including which information on individual counsellors will be made available and which criteria apply to their selection.

15/11/2017
15
Nov
2017

Declaration of accidents at work for local agents working in EU Delegations - EEAS

Prior check Opinion on Complimentary Sickness Insurance for Local Agents in EU Delegations - Declaration of accidents at work at the European External Action Service (Case 2016-0775)

In case of an accident, local agents working in EU Delegations covered by the Complimentary Sickness Insurance for Local Agents scheme must fill in a declaration of accidents at work to obtain the reimbursement of the medical expenses. The EU Delegations and EEAS might also process personal data, including data related to health, of local agents who are not covered by this scheme in e.g. sick leave absences management and supporting medical certificates if those local agents have an accident at work. The medical certificate must be clearly distinguished from the medical report. Local agents should always send the medical report directly to the CISLA functional mailbox in EEAS Headquarters, without any access of staff members of the Delegation. Whereas the medical certificate should be sent to the Administration section of the Delegation or, if the local agent so chooses, sent directly to the CISLA functional mailbox in EEAS Headquarters and the Administration of the Delegation informed of it. The EU Delegations staff members involved in this process as well as EEAS's HR officers responsible for local agents should sign confidentiality declarations mentioning that they are subject to an obligation of professional secrecy equivalent to that of a health professional. Medical files should be kept for a maximum period of 30 years after the last document inserted in the file.

06/11/2017
6
Nov
2017

Clinical Patient Management System - EC

Prior Checking Opinion on the Clinical Patient Management System (CPMS)
of the European Commission (Case 2017-0804)

27/10/2017
27
Oct
2017

Procedure for appointing members of the Management Committee - EIB

Prior Checking Opinion regarding procedure for appointing members of the Management Committee of the European Investment Bank (Case 2017-0411)

20/10/2017
20
Oct
2017

Processing of medical data - CoR

Prior checking Opinion on the processing of medical data by the Medical/Social Service of the Committee of the Regions of the European Union (Case 2017-0185)

19/10/2017
19
Oct
2017

Promotion procedure - CEDEFOP

Prior-checking Opinion regarding the updated notification for the promotion procedure at CEDEFOP (EDPS case 2017-0171)

13/10/2017
13
Oct
2017

Video-surveillance system - EESC and CoR

Prior-checking Opinion regarding the video-surveillance system of the European Economic Social Committee and the Committee of the Regions (Case 2017-0662)

The Opinion regards the rather sophisticated video-surveillance system of the European Economic Social Committee and the Committee of the Regions. In the light of the EDPS Guidelines on Video-surveillance and against the background of a data protection impact assessment conducted, it contains recommendations on covert surveillance (concealed cameras), the collection of special categories of data and applicable retention periods.

06/10/2017
6
Oct
2017

Renewal of temporary and contract agent's contracts - EUIPO

Opinion on the procedure for renewal of temporary and contract agent´s contracts at the European Union Intellectual Property Office (case 2017-0256)

04/10/2017
4
Oct
2017

Early detection and exclusion system database - EC

Prior check opinion regarding early detection and exclusion system database at the EDES-DB (Case 2016-0864)

The EDES-DB is the new system established by the Commission to reinforce the protection of the Union's financial interests and to ensure sound financial management. It replaced the Early Warning System and the Central Exclusion Database as of 1 January 2016. The rules governing EDES can now be found in the revised Financial Regulation for the EU institutions. The EDPS recommends establishing an explicit limited retention period for the further uses of the EDES-DB information envisaged in the notification.

21/09/2017
21
Sep
2017

Recruitment for the selection of staff - CEPOL

Prior-checking Opinion regarding recruitment for the selection of staff at European Union Agency for Law Enforcement Training (CEPOL) (Case 2017-0187)

05/09/2017
5
Sep
2017

Remuneration policies and credits - ECB

Prior check opinion regarding remuneration policies and credits to senior officials of significant entities supervised by the ECB (Case 2017-0358)

As part of its banking supervision role, the European Central Bank has to assess and approve significant supervised entities’ remuneration policies. This may result in adverse consequences to employees of significant supervised entities, possibly excluding them from rights under their employment contracts.

The ECB also has a role to play concerning loans of significant supervised entities to their own employees, which may also result in refusing loans to them, thus excluding them from a contract.

08/08/2017
8
Aug
2017

Automated vehicle license plate recognition - ECB

Prior check opinion regarding automated vehicle license plate recognition at the European Central Bank (Case 2016-0695)

07/08/2017
7
Aug
2017

Whistleblowing Policy - EIOPA

Prior-check Opinion on EIOPA’s Whistleblowing Policy (Case 2017-0466)

Pages