European Data Protection Supervisor
European Data Protection Supervisor

Security

Security

The EU as a whole and its individual Member States are facing new, varied and complex security threats which are more international and increasingly cross-border in nature. Several legal, and practical tools have been put in place to fight terrorism and cross-border crime. In particular, information exchanges and operational cooperation between law enforcement authorities have been strengthened.

Filters

Pages

24/11/2010
24
Nov
2010

EU Counter-Terrorism Policy: main achievements and future challenges

Opinion on the Communication from the Commission to the European Parliament and the Council concerning the EU Counter-Terrorism Policy: main achievements and future challenges

Tags:
24/11/2010
24
Nov
2010

EU Counter-Terrorism policy: EDPS calls for a systematic and consistent approach to avoid unnecessary restrictions to privacy

Today, the European Data Protection Supervisor (EDPS) issued an opinion on the European Commission's Communication on the EU Counter-Terrorism Policy which outlines the main achievements and future challenges and prepares the way for a broader Internal Security Strategy (*).The Communication is one of a number of documents in which the Commission outlines its future policies in this area. For example, on Monday the Commission issued another Communication on the EU Internal Security Strategy in Action.

Tags:
29/07/2010
29
Jul
2010

Newsletter Nr. 25

Tags:
15/04/2010
15
Apr
2010

E-waste and data protection: EDPS warns against security risks and calls for "privacy by design"

Yesterday, the European Data Protection Supervisor (EDPS) adopted an opinion on the European Commission's proposal to recast the Directive on waste electrical and electronic equipment (WEEE, also referred to as "e-waste") (*),, a proposal that is intensively discussed in the European Parliament and Council, but without consideration of the data protection implications.  

25/01/2010
25
Jan
2010

Comments on international data exchange agreements

Comments of the EDPS on different international agreements, notably the EU-US and EU-AUS PNR agreements, the EU-US TFTP agreement, and the need of a comprehensive approach to international data exchange agreements

Tags:
09/10/2009
9
Oct
2009

Newsletter Nr. 21

Tags:
29/09/2009
29
Sep
2009

Security Support System - Parliament

Opinion of 29 September 2009 on a notification for prior checking concerning the "Security Support System" (Case 2009-225)

The collection of data in the Security Support System has the purpose to provide support to missions outside the three places of work of the EP in case of medical emergencies. The information is provided by the data subject on a voluntary basis. Data will only be used in emergency situations and only given to local health staff if needed.

13/07/2009
13
Jul
2009

Area of freedom, security and justice: EDPS calls for strong emphasis on fundamental rights in future Stockholm Programme

The European Data Protection Supervisor (EDPS) has adopted an opinion on the European Commission's Communication of 10 June 2009 entitled “An area of freedom, security and justice serving the citizen”. The Communication is the Commission's contribution to the discussions on the new EU programme for the next five years in the area of justice and home affairs, the so called Stockholm programme, which is due to be adopted by the European Council in December 2009.

03/07/2009
3
Jul
2009

Negotiations EU-US concerning "SWIFT" data

EDPS Comments on the Recommendation from the Commission to the Council to authorise opening of negotiations between the European Union and the United States of America for an international agreement to make available to the United States Treasury Department financial messaging data to prevent and combat terrorism and terrorist financing

Tags:
29/04/2009
29
Apr
2009

Voice logging at JRC-IE - Commission

Opinion of 29 April 2009 on a notification for prior checking on Voice Logging at the Joint Research Centre Institute for Energy (JRC-IE) in Petten (Case 2008-014)

This case concerned the recording of incoming and outgoing calls as well as records the calling telephone number, the called telephone number, date, time and length of the conversation at the JRC-IE in Petten the purpose of being able to check the content of the calls to the lines concerned in the event of an operational incident, emergencies and to be able to evaluate emergency training exercises at a later stage. These calls may also furnish evidence for investigations into potential threats to the institution.

The EDPS opinion particularly examines the lawfulness of the processing operation as the recording of calls is a violation to the principle of confidentiality of communications. The EDPS acknowledged that the processing was lawful as based on mandatory national legislation applicable in the field of nuclear facilities. The EDPS also made recommendations on the information to the persons concerned notably to external persons calling the switchboard and who must be informed that the communication will be recorded for security purposes at the start of the call.

17/03/2009
17
Mar
2009

Newsletter Nr. 18

Tags:
10/03/2009
10
Mar
2009

Site management and security - ETF

Answer to a notification for prior checking on site management and security (Case 2009-036)

05/03/2009
5
Mar
2009

Organs donation and transplantation: EDPS calls for enhanced security measures at national and cross-border levels

Today, the European Data Protection Supervisor (EDPS) adopted an opinion on the Commission's proposal for a Directive on standards of quality and safety of human organs intended for transplantation. The proposal provides for national quality programmes to advance organs donation and transplantation, including a traceability mechanism to ensure that all organs can be traced from donation to reception and vice versa.

09/01/2009
9
Jan
2009

Second opinion on ePrivacy

Second opinion on the review of Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ C 128, 06.06.2009, p. 28

Tags:
15/12/2008
15
Dec
2008

Database ARDOS - Commission

Opinion of 15 December 2008 on a notification for prior checking regarding the database ARDOS (Case 2007-380)

The Security Service of the Joint Research Centre (JRC) at Ispra put in place a processing operation called "nulla osta". The purpose of the "nulla osta" procedure is to ascertain and confirm a selected candidate's good conduct. Information collected through this procedure is stored in a database called ARDOS with all documents requested by and presented to the Security Service of the JRC Ispra. It has to be noted that the "nulla osta" processing operation concern the candidates of all JRC sites except Karlsruhe.

The EDPS examined the processing operation and in particular the legal basis provided by the JRC Ispra to conduct such assessment of the candidate's good conduct. The EDPS concluded that the processing operation appears to be in breach of the provisions of Regulation (EC) No 45/2001 unless a clear legal basis is identified, produced or established by the institution. Indeed the processing operation described by the Security Service goes far beyond a checking of the candidate's good conduct, notably by collecting excessive and non relevant data (data quality principle).

The EDPS moreover recommended that in order to ensure compliance with the Regulation, the JRC Ispra should made several amendments to the privacy statement to fully respect the information that should be given to the data subject following Article 12 of the Regulation. The EDPS also insisted on the fact that the retention period foreseen by the institution should be implemented as soon as possible.

20/12/2007
20
Dec
2007

Newsletter Nr. 12

Tags:
20/12/2007
20
Dec
2007

European PNR

Opinion on the Proposal for a Council Framework Decision on the use of Passenger Name Record (PNR) data for law enforcement purposes, OJ C 110, 01.05.2008, p. 1

COM(2007) 654 final of 06.11.2007 PDF icon
Tags:
19/12/2007
19
Dec
2007

Implementing rules of Prüm Initiative

Opinion on the Initiative of the Federal Republic of Germany, with a view to adopting a Council Decision on the implementation of Decision 2007/…/JHA on the stepping up of cross-border cooperation, particularly in combating terrorism and cross-border crime, OJ C 89, 10.4.2008, p. 1

Initiative published in OJ C 267, 9.11.2007, p. 4 PDF icon
28/11/2007
28
Nov
2007

SECPAC - Commission

Answer to a notification for prior checking concerning "SECPAC" at the Joint Research Centre (Case 2007-381)

21/11/2007
21
Nov
2007

Access to buildings - Commission

Answer to a notification of prior checking of a processing for the issuing and checking of passes giving access to the European Commission's buildings in Brussels and Luxembourg (Case 2004-235)

Pages