European Data Protection Supervisor
A new generation of data protection standards is being promulgated by the European Union. Almost one year ago, the adoption of the General Data Protection Regulation (GDPR) and the Directive for the police and justice sectors represented the most ambitious endeavour of the EU legislator so far to secure the fundamental rights of the individual in the digital era.
Today we publish the priorities for our policy and consultation role in 2017.
If you believe the words sometimes attributed to Gandhi, law is codified ethics. But effective laws and standards of ethics are guidelines accepted by members of a society, and these require a social consensus. I believe that technology is changing or at the very least influencing our ethics and it’s a phenomenon we need to urgently address.
All EU staff are obliged to abide by their Staff Regulations, which outline the rules, principles and working conditions expected from them. But what happens if an EU staff member breaks these rules?
The ancient city of Marrakech was founded by the Almoravid dynasty at the beginning of the 11th century, as a centre for trade and craftsmanship. One century later, another mythical city, Timbuktu, was founded for similar reasons, in what is now known as the sub-Saharan state of Mali. As the location of the 38th International Privacy Conference, Marrakech aimed to set a precedent once again, this time through opening up the doors to privacy beyond the western world. The Conference took place from 17-20 October this year and the EDPS once again played an active part.
Despite its name, artificial intelligence (A.I.) is a reality and though much hyped, has woven its way into everyday life: navigation systems, spam filters, weather forecasts to name but a few. Such is the potential influence of A.I. that it can be found on the political agenda and both the White House and the House of Commons have published reports on the subject.
In October, the European Court of Justice ruled that, in many cases, the data collected by web servers, such as the IP addresses of users, is personal data. The decision underlined the need to put in place adequate safeguards to protect personal data when operating websites and other online services.
Yesterday, the 40th meeting between the EDPS and the DPOs from the EU institutions and bodies took place at the European Union Intellectual Property Office (EUIPO) in Alicante. I congratulate EUIPO for hosting a very successful meeting, I truly valued the opportunity to interact with our data protection partners and reinforce our collaboration.
Last week, in partnership with our co-hosts, the European Consumer Organisation, BEUC, we brought together high-level experts from across a spectrum of policy areas to talk about the future of our freedom and privacy online. It was a full house of regulators, legal counsel, technologists and non-government organisations, and a full day of intense debate ranging between subjects as diverse as merger control, indigestible privacy policies and encryption.
From the very beginning, data protection has been about the processing of personal data by means of technology. When the first data protection laws were adopted in the 1970s, computers were just starting to become standard tools in business and public administration. The Internet had just been invented and was only accessible to a few researchers and computer specialists