European Data Protection Supervisor
European Data Protection Supervisor

Privacy by Design

Privacy by Design

Data protection by design aims to build data protection and privacy into the design of processing operations and information systems, in order to comply with data protection principles. Organisations are required to take into account the protection of the rights of individuals, both before and during their processing activities, by implementing the appropriate technical and organisation measures to ensure that they fulfil their data protection obligations. To ensure that this key principle of the General Data Protection Regulation is applied in practice, the EDPS will issue guidance documents.

Filters

Pages

18/07/2018
18
Jul
2018

EDPS Comments on Fisheries Controls

Formal Comments of the EDPS on the Proposal for a Regulation amending Council Regulation (EC) No 1224/2009, and amending Council Regulations (EC) No 768/2005, (EC) No 1967/2006, (EC) No 1005/2008, and Regulation (EU) No 2016/1139 of the European Parliament and of the Council as regards fisheries controls.

06/02/2018
6
Feb
2018

Accountability on the ground: Guidance on documenting processing operations for EU institutions, bodies and agencies

Accountability on the ground: Guidance on documenting processing operations for EU institutions, bodies and agencies (EUIs). These documents provide provisional guidance for controllers and DPO in the EUIs on how to generate records for their processing operations, how to decide whether they need to carry out data protection impact assessments (DPIAs), how to do DPIAs and when to do prior consultations to the EDPS (Articles 31, 39 and 40 of Regulation (EU) 2018/1725).

A provisional version of this text was published in February 2018.

SummaryPDF icon
Part IPDF icon
Part IIPDF icon
25/01/2018
25
Jan
2018

Privacy by Design - Privacy Engineering

Speech by Giovanni Buttarelli on privacy by design and privacy engineering given at the 11th International Computers, Privacy and Data Protection Conference (CPDP), Brussels, Belgium

Wednesday, 27 September, 2017
27
Sep
2017

Newsletter (N°
53
)

In the September 2017 edition of the EDPS Newsletter we cover the EDPS Opinion on the digital single gateway, the investigation of complaints relating to medical data and the latest developments in privacy engineering.
29/03/2017
29
Mar
2017

All we need is L….Privacy by design and by default

Opening speech by Giovanni Buttarelli at RightsCon 2017,  All we need is L….Privacy by design and by default, Brussels, Belgium

15/02/2017
15
Feb
2017

Ex-ante product quality audits - EUIPO

Prior checking Opinion concerning ex-ante product quality audits (Case 2016-0477)

Organisations such as EUIPO ensure the quality of their output in different ways. One such way is checking the quality of decisions before it leaves the organization (ex-ante), recording the error rate and trends in the type and category of errors - and using a database to record this monitoring process.
As staff members remain identifiable in the process and are given feedback at individual level on the basis of this processing operation, this might lead to implications for their performance evaluation(on such processing operations, see EDPS Guidelines in the area of staff evaluation ). This is why the organization needs to comprehensively inform those concerned, grant all data subjects’ rights and ensure the accuracy of the data processed.

20/10/2016
20
Oct
2016

Personal Information Management Systems

EDPS Opinion on Personal Information Management Systems - Towards more user empowerment in managing and processing personal data.

18/10/2016
18
Oct
2016
15/12/2015
15
Dec
2015

Online platforms

EDPS response to the Commission public consultation on the regulatory environment for platforms, online intermediaries, data and cloud computing and the collaborative economy, 15 December 2015

19/11/2015
19
Nov
2015

Meeting the challenges of big data

Meeting the challenges of big data, A call for transparency, user control, data protection by design and accountability

30/07/2015
30
Jul
2015

Strategy 2015-2019

This report sets out the Strategy adopted by the EDPS for the period 2015-2019. As data protection affects almost every EU policy area and is a key factor in legitimising and increasing trust in EU policies, the new EDPS Strategy aims to provide a framework through which to promote a culture of data protection in the European institutions. It also promotes the idea of toolkits for policymakers to help them develop innovative solutions to data protection challenges.

Video

/file/02march2015png_en02_march_2015.png

Giovanni Buttarelli, EDPS and Frans Timmermans, First Vice-President, 2 March 2015
Giovanni Buttarelli, EDPS and Frans Timmermans, First Vice-President, 2 March 2015
Strategy 2015-2019 - Leading by ExamplePDF icon
Speech by Giovanni ButtarelliPDF icon
Press releasePDF icon
23/06/2015
23
Jun
2015

mHealth at General Assembly of Association Internationale de la Mutualité

Speaking notes from the speech of Wojciech Wiewiórowski on mHealth given at General Assembly of Association Internationale de la Mutualité, Liège, Belgium

21/05/2015
21
May
2015

Mobile health

Opinion on Mobile Health - Reconciling technological innovation with data protection  

26/11/2014
26
Nov
2014

Drones

Opinion on the Communication from the Commission to the European Parliament and the Council on “A new era for aviation - Opening the aviation market to the civil use of remotely piloted aircraft systems in a safe and sustainable manner”

23/07/2014
23
Jul
2014

Single-member private limited liability companies

Opinion on the Commission Proposal for a Directive of the European Parliament and of the Council on single-member private limited liability companies

03/04/2014
3
Apr
2014

European network of Employment Services

Opinion on the Commission Proposal for a Regulation of the European Parliament and of the Council on a European network of Employment Services, workers' access to mobility services and the further integration of labour markets.

12/03/2014
12
Mar
2014

EU-wide real-time traffic information services

Letter regarding the Public consultation on the provision of EU-wide real-time traffic information services under Directive 2010/40/EU


Annex 2 - EDPS Formal comments on the Commission Delegated Regulations supplementing Directive 2010/40/EU of the European Parliament and the Council with regard to "Data and procedures for the provision, where possible, of road safety related minimum universal traffic information free of charge to users" and "Provision of information services for safe and secure parking places for trucks and commercial vehicles"

Annex 1 - EDPS Opinion of 22 July 2009 on Intelligent Transport SystemsPDF icon
Annex 2 - EDPS Formal comments of 13 June 2013PDF icon
13/01/2014
13
Jan
2014

Video-surveillance: EDPS welcomes improvements in EU bodies

In a report issued today, the European Data Protection Supervisor (EDPS) highlights his overall satisfaction with the video-surveillance systems of four Luxembourg-based EU bodies that were inspected on 9 and 10 July 2013.

05/12/2013
5
Dec
2013

Payment services

Opinion on a proposal for a Directive of the European Parliament and of the Council on payment services in the internal market amending Directives 2002/65/EC, 2006/48/EC and 2009/110/EC and repealing Directive 2007/64/EC, and for a Regulation of the European Parliament and of the Council on interchange fees for card-based payment transactions

Pages