European Data Protection Supervisor
European Data Protection Supervisor

Opinions Prior Check

Opinions Prior Check

Some of the procedures that EU institutions put in place pose risks to the data protection rights and freedoms of individuals.

EU institutions are obliged by the Regulation to notify us before putting in place these risky procedures or data processing operations. They are not required to notify us each time the processing takes place.

Article 27(1) of Regulation (EC) No 45/2001 outlines the types of processing that should be notified to us:

  • The processing of certain special categories of data such as health data in pre-recruitment medical exams;
  • The processing intended to evaluate persons such as in staff appraisals, recruitment and selection of staff or contractors under procurement procedures or external experts;
  • Processing which excludes persons from a right, benefit or contract such as blacklisting for project funding;
  • When data is collected for one purpose and potentially used for another without any legal justification (legal basis) for doing so such as linking databases that serve different purposes.

Where an EU institution is unsure whether to notify us, their data protection officer can consult us for advice to confirm.
Once we have received a notification, we issue recommendations as required, to help the EU institutions make the procedure comply with the data protection rules. Our follow up work includes verifying that our recommendations have been implemented by the institution.

In general, our prior checking Opinions are public, but we may delete sensitive elements where necessary, relating to security for example.

On average we receive around 130 such notifications per year.

Filters

Pages

16/11/2017
16
Nov
2017

Selection of confidential counsellors - EIB

Prior-checking Opinion regarding the selection of confidential counsellors at the European Investment Bank (case 2017-0136)

Confidential counsellors become active in informal anti-harassment procedures, a topic on which the EDPS has published Guidelines. The selection of such counsellors, in this case by the EIB, is subject to prior-checking by the EDPS because it involves an evaluation of the applicants' ability to perform the function, and possibly processing operations related to health. In the case at hand, the EDPS recommended spelling out the modalities of the procedure leading to the selection of confidential counsellors in rules of normative value, including which information on individual counsellors will be made available and which criteria apply to their selection.

15/11/2017
15
Nov
2017

Declaration of accidents at work for local agents working in EU Delegations - EEAS

Prior check Opinion on Complimentary Sickness Insurance for Local Agents in EU Delegations - Declaration of accidents at work at the European External Action Service (Case 2016-0775)

27/10/2017
27
Oct
2017

Procedure for appointing members of the Management Committee - EIB

Prior Checking Opinion regarding procedure for appointing members of the Management Committee of the European Investment Bank (Case 2017-0411)

20/10/2017
20
Oct
2017

Traitement des données médicales au sein du Service médico-social - CdR

Avis de contrôle préalable concernant le traitement des données médicales au sein du Service médico-social du Comité des régions de l’Union européenne (dossier CEPD 2017-0185)

19/10/2017
19
Oct
2017

Promotion procedure - CEDEFOP

Prior-checking Opinion regarding the updated notification for the promotion procedure at CEDEFOP (EDPS case 2017-0171)

13/10/2017
13
Oct
2017

Video-surveillance system - EESC and CoR

Prior-checking Opinion regarding the video-surveillance system of the European Economic Social Committee and the Committee of the Regions (Case 2017-0662)

The Opinion regards the rather sophisticated video-surveillance system of the European Economic Social Committee and the Committee of the Regions. In the light of the EDPS Guidelines on Video-surveillance and against the background of a data protection impact assessment conducted, it contains recommendations on covert surveillance (concealed cameras), the collection of special categories of data and applicable retention periods.

04/10/2017
4
Oct
2017

Early detection and exclusion system database - EC

Prior check opinion regarding early detection and exclusion system database at the EDES-DB (Case 2016-0864)

The EDES-DB is the new system established by the Commission to reinforce the protection of the Union's financial interests and to ensure sound financial management. It replaced the Early Warning System and the Central Exclusion Database as of 1 January 2016. The rules governing EDES can now be found in the revised Financial Regulation for the EU institutions. The EDPS recommends establishing an explicit limited retention period for the further uses of the EDES-DB information envisaged in the notification.

21/09/2017
21
Sep
2017

Recruitment for the selection of staff - CEPOL

Prior-checking Opinion regarding recruitment for the selection of staff at European Union Agency for Law Enforcement Training (CEPOL) (Case 2017-0187)

05/09/2017
5
Sep
2017

Remuneration policies and credits - ECB

Prior check opinion regarding remuneration policies and credits to senior officials of significant entities supervised by the ECB (Case 2017-0358)

As part of its banking supervision role, the European Central Bank has to assess and approve significant supervised entities’ remuneration policies. This may result in adverse consequences to employees of significant supervised entities, possibly excluding them from rights under their employment contracts.

The ECB also has a role to play concerning loans of significant supervised entities to their own employees, which may also result in refusing loans to them, thus excluding them from a contract.

08/08/2017
8
Aug
2017

Automated vehicle license plate recognition - ECB

Prior check opinion regarding automated vehicle license plate recognition at the European Central Bank (Case 2016-0695)

07/08/2017
7
Aug
2017

Whistleblowing Policy - EIOPA

Prior-check Opinion on EIOPA’s Whistleblowing Policy (Case 2017-0466)

28/07/2017
28
Jul
2017

Office Indoor Climate Survey - CoR

Prior Checking Opinion "Office Indoor Climate Survey" at the Committee of Regions (Case 2017-0676)

Topics:
28/07/2017
28
Jul
2017

Selection procedure - FRA

Prior check opinion regarding selection procedure of the members of the Advisory Panel at the Fundamental Rights Agency (Case 2017-0427)

26/07/2017
26
Jul
2017

360° feedback exercise - EASME

Prior-checking Opinion regarding 360° feedback exercise for managers in the Executive Agency for Small and Medium-sized Enterprises (Case 2017-0588)

11/07/2017
11
Jul
2017

Whistleblowing Procedure - EP

Prior-checking Opinion on the European Parliaments Whistleblowing Procedure (EDPS case 2017-0379)

07/07/2017
7
Jul
2017

Initial Processing in the event of Whistleblowing - CJUE

Prior Checking Opinion on Initial Processing in the event of Whistleblowing (Case 2017-0304)

27/06/2017
27
Jun
2017

Probation periods - EIF

Prior-checking Opinion regarding probation periods and the e-probation tool at the European Investment Fund (Case 2015-1107)

During the probation evaluation of a staff member and the adoption of the probation report, the EIF processes personal data of that staff member. To ensure transparency and fairness, information on this processing should be provided to the concerned individuals through a specific data protection notice. This notice should be made available on the Intranet. A link to the notice should also be added to the respective forms, reports and/or to the messages sent to the staff members in the different stages of probation evaluation. The notice should also clearly set out the procedures for granting individuals' rights, including also information on within which time limit a reaction can be expected from the EIF to the requests of the individuals. Staff members should be granted access to all their data kept in their personal file and in the electronic database, even after the end of employment. While letters containing probation decisions would need to be kept throughout the career of a staff member, probation reports may not necessarily remain relevant during the whole career. The retention of probation reports up to five years after the end of a particular appraisal procedure would be considered appropriate.

21/06/2017
21
Jun
2017

Whistleblowing procedure - EDA

Prior check opinion on EDA’s Whistleblowing procedure (Case 2017-0381)

12/06/2017
12
Jun
2017

Selection, recruitment and administrative management of contract agents - EEAS

Prior-checking Opinion regarding selection, recruitment and administrative management of contract agents in EU Delegations (Case 2016-0770)

07/06/2017
7
Jun
2017

Video-surveillance - GSA

Prior-checking Opinion regarding video-surveillance at the GSA headquarters (Case 2016-1052)

Pages