Today, the EDPS published its Annual Report 2021. The report highlights the EDPS’ achievements regarding European Union institutions’ (EU institutions) compliance with the data protection framework. The Report also underscores the EDPS’ increasing role in advocating for the respect of privacy and data protection in EU legislation.
Wojciech Wiewiórowski, EDPS, said: “A couple of years have now passed since the entry into application of a set of EU data protection laws. Sufficient time has passed to expect EU institutions to fully comply with these laws. The EDPS wants strong EU institutions. This strength can, however, only be based on the full respect of the applicable laws. No other foundation can bring results in the long term.”
In 2021, the EDPS increased the use of its corrective powers. Amongst the enforcement actions taken by the EDPS this year, particular significance is attributed to the Decision to order Europol to delete datasets with no established links to criminal activity, which the EDPS sees in the context of respecting the rule of law and upholding a mature checks and balances system.
This year was also unprecedented in terms of EDPS advice given to the EU legislator. With 88 Opinions, including Formal Comments, issued in 2021, compared to 27 in 2020, the EDPS addressed a record number of legislative consultations. This increase demonstrates a recognised importance of embedding data protection in EU law. Looking beyond the landscape of the EU institutions, the EDPS has also actively maintained its cooperation with civil society, academia, and various other stakeholders.
In the spirit of joint responsibility for the success of the General Data Protection Regulation, the EDPS also continued its active participation in the European Data Protection Board’s work, by proposing or partaking in a variety of initiatives.
Given the increase of cyberattacks worldwide, the EDPS furthered its work on raising awareness about personal data breaches to assist EU institutions in preventing and handling them.
Wojciech Wiewiórowski, EDPS, said: “In turbulent times like these, it is crucial that we work to support one another in order to safeguard the freedoms that all citizens should be afforded. At the EDPS, we see the European Union as a community defined by values, not borders, be it artificial or physical”.
For the EDPS, this belief is a motivation to further our efforts. The EDPS hopes this will be shared more broadly amongst EU institutions.
The rules for data protection in the EU institutions, as well as the duties of the European Data Protection Supervisor (EDPS), are set out in Regulation (EU) 2018/1725.
Wojciech Wiewiórowski (EDPS), was appointed by a joint decision of the European Parliament and the Council on to serve a five-year term, beginning on 6 December 2019.
About the Annual Report: According to Article 60 of Regulation (EU) 2018/1725, “the European Data Protection Supervisor shall submit an annual report on his or her activities to the European Parliament, to the Council and to the Commission and at the same time make it public.” “The European Data Protection Supervisor shall forward the report to other institutions and bodies, which may submit comments with a view to possible examination of the report by the European Parliament”.
Personal data: see EDPS Glossary
Processing personal data: see EDPS Glossary
Privacy: the right of an individual to be left alone and in control of information about his or herself. The right to privacy or private life is enshrined in the Universal Declaration of Human Rights (Article 12), the European Convention of Human Rights (Article 8) and the European Charter of Fundamental Rights (Article 7). The Charter also contains an explicit right to the protection of personal data (Article 8).