Today, the European Data Protection Supervisor (EDPS) adopted his opinion on the Commission's Open Data Package, which includes a series of measures to facilitate a wider and innovative re-use of public sector information (PSI). The opinion highlights the need for specific safeguards for data protection whenever PSI contains personal data. It recommends that public sector bodies take a 'proactive approach' when making personal data available for re-use. This would make it possible to make data publicly available, on a case by case basis, subject to conditions and safeguards in compliance with data protection rules.
Peter Hustinx, EDPS, says: "The re-use of PSI containing personal data may bring significant benefits, but also entails great risks to the protection of personal data, due to the wide variety of data held by public sector bodies. The Commission proposal should therefore more clearly define in what situations and subject to what safeguards information containing personal data may be required to be made available for re-use."
In his opinion, the EDPS recommends, among others, that the proposal should:
In addition, the EDPS suggests that the Commission develop further guidance, focusing on anonymisation and licensing, and consult the Article 29 Data Protection Working Party, an advisory body consisting of data protection authorities in EU Member States.
On 12 December 2011, the Commission adopted a proposal for a Directive amending Directive 2003/98/EC on re-use of public sector information (the PSI Directive). The proposal is part of the 'Open-Data Package'. The PSI Directive aims at facilitating the re-use of public sector information throughout the European Union by harmonising the basic conditions for re-use and removing barriers to re-use in the internal market. The EDPS has previously also recommended a 'proactive approach' in his paper on 'Public access to documents containing personal data after the Bavarian Lager ruling', 24 March 2011 (see chapter III on pages 6-11).