European Data Protection Supervisor
European Data Protection Supervisor

Privacy by Design

Privacy by Design

Data protection by design aims to build data protection and privacy into the design of processing operations and information systems, in order to comply with data protection principles. Organisations are required to take into account the protection of the rights of individuals, both before and during their processing activities, by implementing the appropriate technical and organisation measures to ensure that they fulfil their data protection obligations. To ensure that this key principle of the General Data Protection Regulation is applied in practice, the EDPS will issue guidance documents.

Filters

Pages

29/04/2019
29
Apr
2019

Dark patterns in data protection - Giovanni Buttarelli

'Dark patterns in data protection: law, nudging, design and the role of technology', Speech by Giovanni Buttarelli at Legal Design Roundtable, Brussels, Belgium

26/02/2019
26
Feb
2019

2018 Annual Report - a new era in data protection

2018 was a busy year for the EDPS and a pivotal year for data protection in general. Under new data protection rules, the rights of every individual living in the EU are now better protected than ever. Public awareness about the value of online privacy is at an all-time high.

The 2018 Annual Report provides an insight into all EDPS activities in 2018. Chief among these were our efforts to prepare for the new legislation. The General Data Protection Regulation (GDPR) became fully applicable across the EU on 25 May 2018 and new data protection rules for the EU institutions are also now in place. Working with the new European Data Protection Board (EDPB), the EDPS aims to ensure consistent protection of individuals’ rights, wherever they live in the EU.

Full text of Annual Report (HTML):     EN

Summary (HTML):     DE     EN     FR

Full text of Annual Report (PDF):PDF icon
Summary (PDF):PDF icon
18/07/2018
18
Jul
2018

EDPS Comments on Fisheries Controls

Formal Comments of the EDPS on the Proposal for a Regulation amending Council Regulation (EC) No 1224/2009, and amending Council Regulations (EC) No 768/2005, (EC) No 1967/2006, (EC) No 1005/2008, and Regulation (EU) No 2016/1139 of the European Parliament and of the Council as regards fisheries controls.

31/05/2018
31
May
2018

Privacy by Design

EDPS Preliminary Opinion on Privacy by Design.

06/02/2018
6
Feb
2018

Accountability on the ground: Guidance on documenting processing operations for EU institutions, bodies and agencies

Accountability on the ground: Guidance on documenting processing operations for EU institutions, bodies and agencies (EUIs). These documents provide provisional guidance for controllers and DPO in the EUIs on how to generate records for their processing operations, how to decide whether they need to carry out data protection impact assessments (DPIAs), how to do DPIAs and when to do prior consultations to the EDPS (Articles 31, 39 and 40 of Regulation (EU) 2018/1725).

A provisional version of this text was published in February 2018.

SummaryPDF icon
Part IPDF icon
Part IIPDF icon
25/01/2018
25
Jan
2018

Privacy by Design - Privacy Engineering

Speech by Giovanni Buttarelli on privacy by design and privacy engineering given at the 11th International Computers, Privacy and Data Protection Conference (CPDP), Brussels, Belgium

Wednesday, 27 September, 2017
27
Sep
2017

Newsletter (N°
53
)

In the September 2017 edition of the EDPS Newsletter we cover the EDPS Opinion on the digital single gateway, the investigation of complaints relating to medical data and the latest developments in privacy engineering.
29/03/2017
29
Mar
2017

All we need is L….Privacy by design and by default

Opening speech by Giovanni Buttarelli at RightsCon 2017,  All we need is L….Privacy by design and by default, Brussels, Belgium

15/02/2017
15
Feb
2017

Ex-ante product quality audits - EUIPO

Prior checking Opinion concerning ex-ante product quality audits (Case 2016-0477)

Organisations such as EUIPO ensure the quality of their output in different ways. One such way is checking the quality of decisions before it leaves the organization (ex-ante), recording the error rate and trends in the type and category of errors - and using a database to record this monitoring process.
As staff members remain identifiable in the process and are given feedback at individual level on the basis of this processing operation, this might lead to implications for their performance evaluation(on such processing operations, see EDPS Guidelines in the area of staff evaluation ). This is why the organization needs to comprehensively inform those concerned, grant all data subjects’ rights and ensure the accuracy of the data processed.

20/10/2016
20
Oct
2016

Personal Information Management Systems

EDPS Opinion on Personal Information Management Systems - Towards more user empowerment in managing and processing personal data.

18/10/2016
18
Oct
2016
15/12/2015
15
Dec
2015

Online platforms

EDPS response to the Commission public consultation on the regulatory environment for platforms, online intermediaries, data and cloud computing and the collaborative economy, 15 December 2015

19/11/2015
19
Nov
2015

Meeting the challenges of big data

Meeting the challenges of big data, A call for transparency, user control, data protection by design and accountability

30/07/2015
30
Jul
2015

Strategy 2015-2019

This report sets out the Strategy adopted by the EDPS for the period 2015-2019. As data protection affects almost every EU policy area and is a key factor in legitimising and increasing trust in EU policies, the new EDPS Strategy aims to provide a framework through which to promote a culture of data protection in the European institutions. It also promotes the idea of toolkits for policymakers to help them develop innovative solutions to data protection challenges.

Video

/file/02march2015png_en02_march_2015.png

Giovanni Buttarelli, EDPS and Frans Timmermans, First Vice-President, 2 March 2015
Giovanni Buttarelli, EDPS and Frans Timmermans, First Vice-President, 2 March 2015
Strategy 2015-2019 - Leading by ExamplePDF icon
Speech by Giovanni ButtarelliPDF icon
Press releasePDF icon
Annual Management Plan 2019 Summary - Promoting a new culture of data protectionPDF icon
23/06/2015
23
Jun
2015

mHealth at General Assembly of Association Internationale de la Mutualité

Speaking notes from the speech of Wojciech Wiewiórowski on mHealth given at General Assembly of Association Internationale de la Mutualité, Liège, Belgium

21/05/2015
21
May
2015

Mobile health

Opinion on Mobile Health - Reconciling technological innovation with data protection  

26/11/2014
26
Nov
2014

Drones

Opinion on the Communication from the Commission to the European Parliament and the Council on “A new era for aviation - Opening the aviation market to the civil use of remotely piloted aircraft systems in a safe and sustainable manner”

23/07/2014
23
Jul
2014

Single-member private limited liability companies

Opinion on the Commission Proposal for a Directive of the European Parliament and of the Council on single-member private limited liability companies

03/04/2014
3
Apr
2014

European network of Employment Services

Opinion on the Commission Proposal for a Regulation of the European Parliament and of the Council on a European network of Employment Services, workers' access to mobility services and the further integration of labour markets.

Pages