European Data Protection Supervisor
European Data Protection Supervisor

Urgent reform of EU data protection framework is essential for a connected continent

Urgent reform of EU data protection framework is essential for a connected continent


Urgent reform of EU data protection framework is essential for a connected continent

The German government has been urged to take the lead in pushing forward the reform of the EU rules on data protection by Peter Hustinx, in the last speech of his mandate as European Data Protection Supervisor (EDPS), in Bonn, Germany.

Peter Hustinx, EDPS, said: "Germany claims a special responsibility and role in the area of data protection. The new German government can tackle this subject with the necessary drive and energy and thereby gain acceptance of the German position at European level and lead Europe to a higher level of data protection. However, this will require a constructive and proactive approach in the European debate."

The reformed EU rules on data protection will provide for clearer responsibilities for organisations and more consistency and uniformity in data protection across European online and traditional markets. It is, therefore, essential that progress is made quickly to thwart the attempts serving political and economic interests to restrict the fundamental rights to privacy and data protection.

In his speech on net neutrality in electronic communications, Mr. Hustinx said that it was both right and necessary to have a framework for it at European level because the internet is one of the most important means of cross-border economic and social exchange. However, the Commission proposal for a Regulation on electronic communications will unduly limit internet freedom because of the almost unlimited right the exceptions in the proposal give to providers to manage internet traffic.

The large-scale monitoring and restriction of users’ internet communications made possible in the proposal are contrary to EU data protection legislation as well as the EU Charter of Fundamental Rights. In a democratic society, users should be certain that their rights to privacy, confidentiality of their communications and protection of their personal information are respected. It is essential that these rights are not surrendered for the sake of convenience or through neglect.

The legislative process relating to the market for electronic communications and the reform of data protection, concern key components of the European value system and our understanding of freedom and democracy. Europe must continue to serve as an example to the rest of the world and Germany can play a key role in achieving this.

Background information

Privacy and data protection are fundamental rights in the EU. Data protection is a fundamental right, protected by European law and enshrined in Article 8 of the Charter of Fundamental Rights of the European Union.

More specifically, the rules for data protection in the EU - as well as the duties of the EDPS - are set out in Regulation (EC) No 45/2001. One of the duties of the EDPS is to advise the European Commission, the European Parliament and the Council on proposals for new legislation and a wide range of other issues that have an impact on data protection. Furthermore, EU institutions and bodies processing personal data presenting specific risks to the rights and freedoms of individuals ('data subjects') are subject to prior-checking by the EDPS.

Personal information or data: Any information relating to an identified or identifiable natural (living) person. Examples include names, dates of birth, photographs, video footage, email addresses and telephone numbers. Other details such as IP addresses and communications content - related to or provided by end-users of communications services - are also considered as personal data.

Privacy: the right of an individual to be left alone and in control of information about his or herself. The right to privacy or private life is enshrined in the Universal Declaration of Human Rights (Article 12), the European Convention of Human Rights (Article 8) and the European Charter of Fundamental Rights (Article 7). The Charter also contains an explicit right to the protection of personal data (Article 8).

Net neutrality: Net neutrality refers to the principle that internet service providers or governments should not restrict or interfere with users' access to the internet. Instead they should enable access to all content and applications regardless of the source, user, content, site, platform, application, type of attached equipment and modes of communication.

Internet/online traffic: Internet traffic is the flow of data across the internet, in other words the usage of the internet at any given time, such as accessing a web page.

Internet traffic management: Traffic may be blocked or filtered by internet service providers, for example, to restrict employees from accessing content that is not deemed to be work appropriate, to restrict access to objectionable content or services, to downgrade access in case of congestion, and to prevent or to respond to security attacks.

The full text of Peter Hustinx's speech in Bonn is available on the EDPS website.

The EDPS Opinion and press release on the Commission proposal for a Regulation on the European single market for electronic communications is also available on the EDPS website.

For more information on the EU data protection reform, we refer you to a dedicated section on the EDPS website.