Avis du CEPD

Avis sur la proposition de règlement du Conseil instituant un régime communautaire de contrôle afin d'assurer le respect des règles de la politique commune de la pêche, JO C 151, 03.07.2009, p. 11

There are different reasons why data protection provisions in the context of this proposal are relevant. First, the proposal foresees the processing of various data, which in certain cases, can be considered as personal data. Moreover, the proposal also foresees transfers of these data and exchanges of information, both between Member States and with the Commission or the Community Fisheries Control Agency. The EDPS also notes that the proposal foresees the use of aggregated data in certain circumstances. All these aspects require respecting the data protection legal framework.

The EDPS welcomes that reference to privacy and data protection is made within the current proposal. However, some amendments are needed in order to provide clear requirements, both for the Member States and for the Commission to address the data protection aspects of the system.

Avis sur la proposition de règlement concernant la création du système "Eurodac" pour la comparaison des empreintes digitales aux fins de l'application efficace du règlement (CE) n° [.../...] (établissant les critère et mécanismes de détermination de l'Etat membre responsable de l'examen d'une demande de protection internationale présentée dans l'un des Etats membres par un ressortissant de pays tiers ou un apatride) [COM(2008) 825], JO C 229, 23.09.2009, p. 6

The Proposal is a revision of the EURODAC Regulation and its implementing regulation, Council Regulation No 407/2002/EC, and it aims at inter alia:

• improving the efficiency of the implementation of the EURODAC Regulation,
• ensuring consistency with the asylum acquis evolved since the adoption of the above-mentioned Regulation,
• updating a number of provisions taking account of factual developments since the adoption of the Regulation,
• establishing a new management framework.

The EDPS supports this Proposal and draws attention to the need to ensure full consistency between the EURODAC and Dublin Regulations. The EDPS sees the need for a better coordination and harmonization at EU level of the procedures for fingerprinting, whether they concern asylum seekers or any other persons subject to the EURODAC procedure. He draws special attention to the question of the age limits for fingerprinting, and in particular the difficulties occurring in several Member States to determine the age of young asylum seekers. The EDPS insists on a clarification of the provisions regarding the rights of the data subjects, and in particular he underlines that the national data controllers are primarily responsible to ensure the application of these rights.

Avis sur la proposition de règlement établissant les critères et mécanismes de détermination de l'Etat membre responsable de l'examen d'une demande de protection internationale présentée dans l'un des Etats membres par un ressortissant de pays tiers ou un apatride [COM(2008) 820 final)], JO 229, 23.09.2009, p. 1

The primary aim of the Proposal is to increase the efficiency of the Dublin system and to ensure higher standards of protection afforded to applicants for international protection subject to the Dublin procedure. Furthermore, it aims to reinforce the solidarity towards those Member States which are faced with situations of particular migratory pressures.

The EDPS supports the Commission's Proposal for a Regulation and shares the understanding of the reasons to revise the existing system. The EDPS considers that some of the observations made in this opinion can be further developed when seeing the practical implementation of the revised system. In particular, he intends to contribute to the definition of implementing measures concerning the exchange of information through the DubliNet.

Avis sur la proposition de directive faisant obligation aux Etats membres de maintenir un niveau minimal de stocks de pétrole brut et/ou de produits pétroliers, JO C 128, 06.06.2009, p. 42

The current issue serves as a good illustration of the fact that there should be a constant awareness of the rules on data protection. In a situation which concerns Member States and their obligation to hold emergency oil stocks, which are owned mainly by legal entities, the processing of personal data is not very obvious, but, even though it is not envisaged as such, it can still take place. One should in any case consider the likelihood of personal data processing taking place and act accordingly.

Deuxième avis relatif au réexamen de la directive 2002/58/CE concernant le traitement des données à caractère personnel et la protection de la vie privée dans le secteur des communications électroniques (directive "vie privée et communications électroniques"), JO C 128, 06.06.2009, p. 28

This Opinion follows upon a first EDPS Opinion, as well as Comments, in which recommendations were made to help ensure that the proposed changes effectively provide for the best possible protection of personal data.

This Second Opinion comes as a response to the Council's Common Position which, on a number of critical points, fails to endorse some of the data protection safeguards proposed by the European Parliament and the European Commission or previously recommended by the EDPS. The recommendations presented in this Opinion aim at streamlining some of the provisions of the Directive, while at the same time ensuring an adequate level of data protection and privacy.

The Opinion particularly focuses on the provisions relating to the setting up of a mandatory security breach notification system for which the Supervisor believes there is still some room for improvement.