Marché intérieur

 Avis sur la proposition de la Commission de directive du Parlement européen et du Conseil modifiant la directive 2005/36/CE relative à la reconnaissance des qualifications professionnelles et le règlement […] concernant la coopération administrative par l’intermédiaire du système d’information du marché intérieur, OJ C 137/01 12.05.2012, p1

Voir aussi le texte de la proposition de directive du Parlement européen et du Conseil modifiant la directive 2005/36/CE relative à la reconnaissance des qualifications professionnelles et le règlement concernant la coopération administrative par l’intermédiaire du système d’information du marché intérieur

The objective of the Proposal is to modernize and amend the existing text of Directive 2005/36/EC (the Professional Qualifications Directive). From the data protection perspective, the two key aspects of the Proposal are (i) the introduction of an alert system and (ii) the introduction on a voluntary basis of a European Professional Card . The processing of personal data in both cases is foreseen to take place via the Internal Market Information System (IMI).

The EDPS welcomes the efforts made in the Proposal to address data protection concerns. The EDPS also welcomes the fact that the use of an existing information system, IMI, is proposed for the administrative cooperation, which already offers, at the practical level, a number of data protection safeguards. Nevertheless, important concerns remain, mainly relating to the alert system, which must remain proportionate.

The EDPS recommends, in particular, that:

• the Proposal should specify unambiguously in which concrete cases alerts can be sent, more clearly define what personal data can be included in alerts, and limit the processing to the minimum that is necessary, taking into account proportionality and balancing of rights and interests;
• in this respect, the Proposal should unambiguously specify that alerts can only be sent after a decision has been made by a competent authority or a court in a Member State prohibiting an individual to pursue his or her professional activities in its territory;
• specify that the content of the alert must not contain more specific information regarding the circumstances and reasons for the prohibition;
• clarify and limit to the minimum strictly necessary, the period for which alerts are retained; and
• ensure that alerts are only sent to competent authorities in Member States and that these authorities shall keep alert information received confidential and not further distribute or publish it, unless the data were made public in accordance with the law of the sending Member State.

With regard to the European Professional Card and the related ‘IMI-file’, the EDPS recommends further clarifications on the conditions under which information concerning disciplinary action or criminal sanctions or any other serious specific circumstances must be included in the file, and the content of the information to be included, and also recommends clear limitation on the retention periods.

Further, the EDPS recommends that in the long term, if and when the use of Professional Cards and IMI will become widespread, the Commission undertake a review of whether the Article 56a alert systems are still necessary and whether they cannot be replaced by a more limited, and thus, from the data protection point of view, less intrusive, system.

Finally, the EDPS further recommends that the EDPS and Article 29 Working Party where national data protection authorities are also represented be consulted before the adoption of delegated acts referred to in Article 56a(5) and of any other delegated acts adopted under Article 58 which may have an impact on data protection. A data protection impact assessment should precede such consultation.

Lettre sur le dossier "responsabilité d’entreprise" adopté par la Commission le 25 Octobre 2011

Avis sur une proposition de la Commission de règlement du Parlement européen et du Conseil concernant la coopération administrative par l'intermédiaire du système d'information du marché intérieur ('IMI'), OJ C 48/02, 18.02.2012, p.2

Voyez aussi la "Proposition de règlement du Parlement européen et du Conseil concernant la coopération administrative par l’intermédiaire du système d’information du marché intérieur (‘règlement IMI’)"

In this Opinion the European Data Protection Supervisor (EDPS) provides a series of recommendations to further strengthen the data protection framework for the Internal Market Information System ('IMI'). The EDPS supports a consistent approach to data protection in establishing an electronic system for the exchange of information, including relevant personal data.

The EDPS welcomes the fact that the Commission has proposed a horizontal legal instrument for IMI in the form of a Parliament and Council Regulation (*), which aims at comprehensively highlighting the most relevant data protection issues for IMI. The EDPS cautions that establishment of a single centralized electronic system for multiple areas of administrative cooperation also creates risks. With regard to the legal framework for IMI to be established in the proposed Regulation, the EDPS calls attention to two key challenges: the need to ensure consistency, while respecting diversity, and the need to balance flexibility and legal certainty.

The EDPS acknowledges the need for flexibility to cover administrative cooperation in different policy areas but insists that this flexibility should be accompanied by legal certainty. Against this background, the EDPS recommends that functionalities of IMI that are already foreseeable should be further clarified and that the inclusion of new functionalities should require appropriate procedural safeguards, such as preparation of a data protection impact assessment and consultation of the EDPS and national data protection authorities.

The Opinion also calls for further strengthening of data subjects´ rights and for reconsideration of the extension of the currently applicable 6-months retention period unless adequate justifications are provided.

Finally, the EDPS welcomes the provisions on coordinated supervision and recommends that these should be further strengthened in order to guarantee effective and active cooperation among the data protection authorities involved.

Background information

IMI is an online application that allows national, regional and local authorities in European Union Member States to communicate quickly and easily with their counterparts in other European countries. IMI helps users find the right authority to contact in another country and communicate with them using pre-translated sets of standard questions and answers. IMI is designed as a flexible system that can be used for many pieces of single market legislation. Currently, it covers the following instruments: the Professional Qualifications Directive (2005/36/EC) and the Services Directive (2006/123/EC).

Avis sur la neutralité du net, la gestion du trafic et la protection de la vie privée et des données personnelles, OJ C 34/01, 08.02.2012, p.1

Avis sur la proposition de directive du Parlement européen et du Conseil concernant les contrats de crédit relatifs aux biens immobiliers à usage résidentiel, OJ C 377/02, 23.12.2011, p.5