European Data Protection Supervisor
European Data Protection Supervisor

An important and welcome step towards stronger and more effective data protection in Europe

An important and welcome step towards stronger and more effective data protection in Europe


An important and welcome step towards stronger and more effective data protection in Europe

The European Data Protection Supervisor (EDPS) welcomes the outcome of the vote last night by the European Parliamentary Committee on Civil Liberties, Justice and Home Affairs (LIBE) on the data protection reform package.

Peter Hustinx, EDPS, says: "The vote by the LIBE Committee is an important step towards stronger and more effective data protection in Europe. We commend the European Parliament for facing its responsibility head on in this essential but complex piece of legislation. We are well aware of the differences of opinion over it and the text that was ultimately voted on by the LIBE committee, had necessarily to be a compromise. Nevertheless, the result is a positive step for further progress to be made. It is essential that the European Union acts quickly so that political agreement is reached before the European Parliament elections. We now look to the Council to maintain the momentum with equal vigour and purpose.”

The current goal is to adopt the package before the European Parliament elections in Spring 2014 and the EDPS urges the legislator to adopt the package as soon as possible as a new Parliament may mean that examination of the proposals would have to begin afresh.

The importance of these proposals has become more apparent to individuals all over Europe since the Edward Snowden revelations. Now more than ever, it is clear that we are facing an existential challenge to our fundamental rights and liberties. Individuals should be able to rely on authorities and governments and once adopted, these proposals will give citizens better enforceable rights to privacy and data protection: citizens should expect to be given clear information on how their personal information will be used by companies. They will also have the right to ask companies to erase their data unless such a request conflicts with freedom of expression and of the press.

For industry, the one-stop-shop approach - through the appointment of a lead authority to monitor their activities across all member states - will help to ensure consistency and speed up the process in cases of complaints.

Background information

Privacy and data protection are fundamental rights in the EU. Under the Data Protection Regulation (EC) No 45/2001, one of the duties of the EDPS is to advise the European Commission, the European Parliament and the Council on proposals for new legislation and a wide range of other issues that have an impact on data protection. Furthermore, EU institutions and bodies processing personal data presenting specific risks to the rights and freedoms of individuals ('data subjects') are subject to prior-checking by the EDPS. If in the opinion of the EDPS, the notified processing may involve a breach of any provision of the Regulation, he shall make proposals to avoid such a breach.

EU Data Protection Reform package: on 25 January 2012, the European Commission adopted its reform package, comprising two legislative proposals: a general Regulation on data protection (directly applicable in all Member States) and a specific Directive (to be transposed into national laws) on data protection in the area of police and justice. In addition to his opinion of 7 March 2012 elaborating his position on both proposals, the EDPS sent further comments on 15 March 2013. The two proposals have been discussed extensively in the European Parliament and the Council be. We have continued to have regular contact with the relevant services of the three main institutions throughout this process, either following our comments or opinions to the European Commission or in discussions and negotiations in the European Parliament and Council.

Personal information or data: any information relating to an identified or identifiable natural (living) person. Examples include names, dates of birth, photographs, e-mail addresses and telephone numbers. Other details such as health data, data used for evaluation purposes and traffic data on the use of telephone, email or internet are also considered personal data.

Privacy: the right of an individual to be left alone and in control of information about his or herself. The right to privacy or private life is enshrined in the Universal Declaration of Human Rights (Article 12), the European Convention of Human Rights (Article 8) and the European Charter of Fundamental Rights (Article 7). The Charter also contains an explicit right to the protection of personal data (Article 8).