La sécurité de l’information est un moteur essentiel pour la protection de la vie privée et des données à caractère personnel. De plus, la plupart des organisations doivent faire face à un paysage en perpétuelle mutation affectant leurs activités. Les incertitudes engendrées par de tels changements auront une incidence sur la manière dont l'organisation doit réagir afin de s'assurer que ses informations sont dûment protégées. Par conséquent, un cadre spécifique permettant aux responsables de la sécurité de l'information de gérer les incertitudes susceptibles d'affecter, avec le temps, la sécurité des informations de leur organisation est nécessaire. Un tel cadre d'organisation spécifique est qualifié de processus de gestion des risques relatifs à la sécurité des systèmes d'information.
Il existe trois éléments généralement acceptés pour assurer de façon adéquate la sécurité de l’information :
la confidentialité : afin que seules les bonnes personnes aient accès à l’information ;
l’intégrité : afin que seules les bonnes personnes puissent actualiser les informations de façon adéquate ; et
la disponibilité : les informations sont disponibles lorsqu’elles sont nécessaires.
Avis sur la proposition de règlement du Parlement européen et du Conseil portant création d'une agence pour la gestion opérationnelle des systèmes d'information à grande échelle dans le domaine de la liberté, de la sécurité et de la justice, et sur la proposition de décision du Conseil confiant à l'agence les tâches relatives à la gestion opérationnelle du SIS II et du VIS en application du titre VI du Traité UE, JO C 70, 19.03.2010, p.13
Avis concernant la communication de la Commission sur le plan d'action pour le déploiement de systèmes de transport intelligents en Europe et la proposition de directive du Parlement européen et du Conseil établissant le cadre pour le déploiement de systèmes de transport intelligents dans le domaine du transport routier et d'interfaces avec d'autres modes de transport, JO C 47, 25.02.2009, p. 6
The EDPS has adopted an opinion on the European Commission's proposed deployment plan for intelligent transport systems (ITS) in Europe that was adopted in December 2008 to accelerate and coordinate their deployment in road transport and their connection with other modes of transport. The deployment of ITS has considerable privacy implications, for instance because these systems make it possible to track a vehicle and to collect a wide variety of data relating to European road users' driving habits.
The EDPS notes that data protection has been taken into consideration in the proposed legal framework and that it is also put forward as a general condition for the proper deployment of ITS. He however underlines that the Commission's proposal is too broad and too general to adequately address the privacy and data protection concerns raised by ITS deployment in the Member States. In particular, it is not clear when the performance of ITS services will lead to the collection and processing of personal data, what are the purposes and modalities for which data processing may take place, or who will be responsible for compliance with data protection obligations.
The EDPS opinion includes the following main recommendations:
clarification of responsibilities: it is crucial to clarify the roles of the different actors involved in ITS in order to identify who will bear the responsibility of ensuring that systems work properly from a data protection perspective (who is the data controller?);
safeguards for the use of location technologies: appropriate safeguards should be implemented by data controllers providing ITS services so that the use of location technologies is not intrusive from a privacy viewpoint. This should notably require further clarification as to the specific circumstances in which a vehicle will be tracked, strictly limiting the use of location devices to what is necessary for that purpose, and ensuring that location data are not disclosed to unauthorized recipients;
"privacy by design" approach: the EDPS recommends to consider privacy and data protection from an early stage of the design of ITS to define the architecture, operation and management of the systems. Privacy and security requirements should be incorporated within standards, best practices, technical specifications and systems.
Background information ITS apply information and communication technologies (satellite, computer, telephone, etc.) to transport infrastructure and vehicles with the intention to make transport safer and cleaner and to reduce traffic congestion. ITS applications and services are based on the collection, processing and exchange of a wide variety of data, both from public and private sources, including information on traffic and accidents but also personal data, such as the driving habits and journey patterns of citizens. Their deployment will also rely to a large extent on the use of geolocalisation technologies, such as satellite-positioning and RFID tags. As such, ITS constitute a "data-intensive area" and raise a number of privacy and data protection issues that should be carefully addressed in order to ensure the workability of ITS across Europe.
Avis sur la proposition de directive relative aux normes de qualité et de sécurité des organes humains destinés à la transplantation, JO C192, 15.08.2009, p. 6
The proposal provides for national quality programmes to advance organs donation and transplantation, including a traceability mechanism to ensure that all organs can be traced from donation to reception and vice versa. The proposed procedure involves the collection and circulation of health data, which are regarded as sensitive and therefore fall under the stricter rules of EU data protection legislation.
The EDPS welcomes the attention given in the proposal to the data protection needs arising both for the donors and the recipient of organs, especially as concerns the requirement for keeping their identities confidential. He however recommends to further emphasize the need for reinforced protection of the donors' and recipients' personal data throughout the organs traceability chain established within the proposal. This can be achieved with the application of strong organisational and technical security measures, both in the national donors and recipients databases, as well as in the cross-border exchange of organs.
Basic principles for national security measures may include the following:
adoption of a specific information security policy;
definition of a confidentiality and access control policy, together with data confidentiality guarantees for the persons involved in the processing;
addressing security mechanisms in the national databases, based on the concept of "privacy by design" (i.e. application of data protection requirements as early as possible in the life cycle of new technological developments);
ensuring regular monitoring and independent audits of the security policies in place.
With regard to the cross-border exchange of organs, the need for harmonizing information security policies among Member States should be further stressed. In addition, special attention should be paid to the possibilities of indirect identification of donors and recipients' data (pseudonymisation). The EDPS also recommends specific consultation with the national data protection authority when organs are exchanged with third countries.
Avis concernant la proposition de règlement modifiant le règlement (CE) n° 2252/2004 du Conseil établissant des normes pour les éléments de sécurité et les éléments biométriques intégrés dans les passeports et les documents de voyage délivrés par les Etats membres, JO C 200, 06.08.2008, p. 1
On 26 March 2008, the EDPS adopted an opinion on the Commission's proposal aiming at revising the 2004 Council Regulation that sets out minimum standards for security features and biometrics in passports and travel documents.
The EDPS welcomes the introduction of exemptions from giving fingerprints based on the age of the person or his/her inability to provide fingerprints. However, he still considers these exemptions as insufficient to remedy the imperfections of biometrics, such as the impact of misidentification or failure to enrol. The EDPS' opinion includes the following recommendations:
fingerprints from children: the proposed six-year age limit should be considered as a provisional one, or brought in line with international practice (14 years). After three years, the age limit should be reviewed and defined by an in-depth study which is to identify the accuracy of the systems obtained under real conditions;
fingerprints from the elderly: an age limit for elderly, based on similar experiences already in place (79 years), should be introduced as an additional exemption;
principle of "one person-one passport": this principle should be applied only to children above the relevant age limit;
"breeder" documents: additional measures should be proposed to harmonise the production and the use of documents required in Member States to issue passports (“breeder” documents).
The EDPS recalls that exemptions should in no way stigmatize or discriminate individuals who will be exempt, because of their age as a precautionary principle or because they present obviously unreadable fingerprints
Avis sur la proposition de décision du Conseil portant création de l'Office européen de police (Europol) (COM(2006) 817 final), JO C 255, 27.10.2007, p. 13
The objective of the proposal is not a major change in the mandate or the activities of Europol, but mainly to provide Europol with a new and more flexible legal basis. The proposal also contains substantive changes, so as to further improve Europol's functioning. It extends the mandate of Europol and it contains several new provisions, aiming to further facilitate the work of Europol, for instance on the exchange of data between Europol and other bodies of the EC/EU, like Olaf.. The proposal contains specific rules on data protection and data security, additional to the general legal framework on data protection for the third pillar that has not yet been adopted. Other changes will bring the position of Europol more in line with other bodies of the EU.
The EDPS-opinion suggests a number of improvements and concludes moreover that the Council Decision should not be adopted before the adoption by Council of a framework on data protection, guaranteeing an appropriate level of data protection.
