During his third year of activities, the EDPS continued to invest in the establishment of an advanced data protection culture within the EC institutions and bodies. Since 2004, almost 150 prior checks of risky processing systems and 25 opinions on proposals for new legislation have been issued. It is now time for the EDPS to broaden his supervisory activities and start to inspect and measure results.
The EU has set up a number of large-scale IT systems including Eurodac; the Visa Information System; the Schengen Information System; the Customs Information System; the Internal Market Information System.
The supervision of these databases is shared between the national Data Protection Authorities and the EDPS.
In order to ensure a high and consistent level of data protection, national DPAs and the EDPS work together to coordinate the supervision of these databases.
While the first year was devoted to setting up the EDPS, the second year was one of consolidation. The office grew slightly and benefited from the establishment of a press service. At the same time, core business work developed, as the EDPS became more known among the EC institutions and bodies. The number of prior checks grew to 34 and a paper on the role of the DPOs was published. Some 6 legislative opinions were presented, mostly relating to the area of "Justice, Freedom and Security".
2004 was the year in which the EDPS was set up, with indispensable assistance from the European Parliament, the Council and the European Commission. Although the legal obligation to respect data protection was not new to the EC institutions and bodies, they face a new situation - being monitored by an independent supervisory authority. The EDPS took a pragmatic approach to enforcing data protection and allowed for a learning period, during which a sound data protection culture can be developed. 2004 also saw the EDPS establishing himself as an advisor to the legislative procedures by issuing his first consultative opinion.