In the course of 2012, we once again set new benchmarks in different areas of activity. In the supervision of EU institutions and bodies, when processing personal data, we interacted with more data protection officers in more institutions and bodies than ever before. In addition, we saw the effects of our new enforcement policy: most EU institutions and bodies, including many agencies, are making good progress in complying with the Data Protection Regulation, although there are still some which should increase their efforts.
In the consultation of new legislative measures, we issued a record number of opinions on a wide range of subjects. The Review of the EU legal framework for data protection was at the top of our agenda. However, the implementation of the Stockholm programme in the area of freedom, security and justice and the Digital Agenda, as well as issues in the internal market, such as financial sector reform and in public health and consumer affairs, also had an impact on data protection. We also increased our cooperation with other supervisory authorities.
You can get a paper version of this Annual Report from the EU Bookshop.
2018 was a busy year for the EDPS and a pivotal year for data protection in general. Under new data protection rules, the rights of every individual living in the EU are now better protected than ever. Public awareness about the value of online privacy is at an all-time high.
The 2018 Annual Report provides an insight into all EDPS activities in 2018. Chief among these were our efforts to prepare for the new legislation. The General Data Protection Regulation (GDPR) became fully applicable across the EU on 25 May 2018 and new data protection rules for the EU institutions are also now in place. Working with the new European Data Protection Board (EDPB), the EDPS aims to ensure consistent protection of individuals’ rights, wherever they live in the EU.
Full text of Annual Report (HTML): EN
Opinion on the draft Council Regulation (EC) laying down the form of the laissez-passer to be issued to members and servants of the institutions, OJ C 313, 20.12.2006, p. 36
The EDPS also stresses that the interoperability of the system with third countries' systems must not breach the purpose limitation principle of the processing of data. Moreover, the opinion also addresses the question of access by third countries.
Opinion on the proposal for a Council Decision establishing the European Police Office (Europol)(COM(2006) 817 final), OJ C 255, 27.10.2007, p. 13
Opinion on the proposal for a Regulation laying down the procedure for implementing Regulation (EC) No 883/2004 on the coordination of social security systems (COM(2006) 16 final), OJ C 91, 26.04.2007, p. 15
The EDPS welcomed the proposal to the extent that it aims at favouring the free movement of citizens and improving the standard of living and conditions of employment of those moving within the Union. With a view to ensuring a high level of data protection, the EDPS recommends: paying utmost attention to basic data protection principles such as purpose limitation as well as proportionality in data processed, bodies authorised to process data and retention periods; ensuring that each proposed mechanism of processing and transmission of personal data is clearly based on specific legal grounds; providing the concerned persons with relevant information on the processing of their personal data.
Opinion on the Communication from the Commission to the European Parliament and the Council on an Area of freedom, security and justice serving the citizen, OJ C 276, 17.11.2009, p. 8
The EDPS has adopted an opinion on the European Commission's Communication of 10 June 2009 entitled “An area of freedom, security and justice serving the citizen”. The Communication is the Commission's contribution to the discussions on the new EU programme for the next five years in the area of justice and home affairs, the so called Stockholm programme, which is due to be adopted by the European Council in December 2009.
The EDPS supports the attention that has been devoted in the Communication to the protection of fundamental rights, and in particular the protection of personal data, as one of the key issues of the future framework for EU action on the questions of citizenship, justice, security, asylum and immigration. He fully endorses the Commission's view that more emphasis should be given to data protection in the areas concerned, and calls for the European Council to follow the same approach when adopting the Stockholm multi-annual programme.
Taking the need for protection of fundamental rights as main angle of the analysis, the EDPS opinion focuses on the following issues: