The appointment of Wojciech Wiewiórowski as the new European Data Protection Supervisor (EDPS) was confirmed on 5 December 2019. The Pole, who served as Assistant Supervisor under the late Giovanni Buttarelli during the 2014-2019 mandate, takes up his new position today.
Wojciech Wiewiórowski, newly appointed EDPS, said: "I am delighted to have been selected as the new EDPS and look forward to continuing my work with the dedicated and talented team of individuals that make up this small but incredibly important institution. While the EU currently holds considerable influence in the regulation of the digital economy, we cannot take this position for granted, nor allow our standards to slip. With new EU legislation on data protection now in place, our attention must turn to making sure that these rules are fairly enforced and that Europeans are in control of their own data."
Mr. Wiewiórowski’s appointment as EDPS was confirmed by a joint decision of the European Parliament and the Council, following a rigorous selection process launched earlier this year. A well-respected figure in the field of data protection, he previously served as Inspector General of the Polish Data Protection Authority (GIODO) and as Vice Chair of the Article 29 Working Party, before taking up the position of Assistant EDPS in December 2014, under previous EDPS Giovanni Buttarelli.
The appointment of Wojciech Wiewiórowski as Supervisor will ensure a smooth transition to a new mandate for the EDPS, allowing the institution to follow through on important initiatives launched over the past five years. Much as his predecessor, Mr. Wiewiórowski has placed considerable emphasis on the need to ensure respect for human dignity, stressing that the principal aim of data protection is not to protect personal data itself, but to protect the individuals connected to this data.
While preserving continuity, the EDPS will also evolve under Mr. Wiewiórowski’s leadership, with the focus moving from opening a new chapter for EU data protection to consolidating Europe’s position as a leading regulator of the digital economy. With Regulation 2018/1725, which sets out the rules for data protection in the EU institutions, approaching its first anniversary, the new EDPS is expected to use the strong set of powers granted to his institution under the Regulation to full effect, with a clear emphasis on ensuring the best outcome for the individuals EDPS exists to protect.
A particular focus on ensuring a smart and innovative European administration is also to be anticipated. The new EDPS believes that the EU should be able to make full use of new technologies and business models, while also ensuring respect for the protection of personal data and privacy. Providing objective and informed advice on how the EU should respond to challenges such as the development and deployment of Artificial Intelligence (AI) systems, biometrics and facial recognition, blockchain and quantum computing and encryption techniques will also be a focus of his work.
The first priority for the new EDPS, however, will be to define a Strategy for his five-year mandate. The Strategy will set out his vision and priorities and will be published within the first 100 days of his mandate, in March 2020.
Wojciech Wiewiórowski (EDPS) is a member of the institution, appointed by a joint decision of the European Parliament and the Council. Assigned for a five-year term, he will take office on 6 December 2019.
The position of European Data Protection Supervisor is provided for by Regulation (EU) 2018/1725 on the protection of personal data in EU institutions and bodies. Unlike its predecessor, Regulation (EC) No 45/2001, Regulation (EU) 2018/1725 does not provide for the appointment of an Assistant Supervisor.
The selection procedure for the position of EDPS involves the three main EU institutions: the European Commission, the European Parliament and the Council. Following a public call for candidates, an inter-institutional selection board prepares a shortlist of the most competent applicants, who are then interviewed. Subsequently, the selection board forwards a list of recommended candidates to the European Commission for its adoption and submission to the European Parliament and the Council. Hearings then take place in the European Parliament and in the Council in order to evaluate the experience, skills and independence of the candidates. This is followed by discussions in Parliament and Council, and eventually a joint decision.
The Supervisor is chosen from persons whose independence is beyond doubt and who are acknowledged as having solid and long-standing experience in the field of data protection, for example, because they belong or have belonged to national data protection authorities. They are eligible for reappointment.
Articles 41, 42, 52, 57 and 58 of Regulation (EU) 2018/1725 lay down the duties and powers of the EDPS, as well as the institutional independence of the supervisory authority. The general mission of the EDPS is to ensure that the fundamental rights and freedoms of individuals - in particular their rights to data protection and privacy - are respected when the European institutions and bodies process personal data or develop new policies.