European Data Protection Supervisor
European Data Protection Supervisor

Search

Search

Publication The use of ECAS - EBA

Monday, 19 December, 2016
19
Dec
2016

Letter of 19 December 2016 concerning the European Commission Authentication System (ECAS) at European Banking Authority (EBA) (Case 2016-1113)

Publication Geographic Information System - ECDC

Tuesday, 17 January, 2017
17
Jan
2017

Prior-checking opinion regarding test run of the Geographic Information System tool at ECDC (2016-0759)

Register 2016-0759

Register Number Case Number Institution Description Opinion date Opinion
1388
2016-0759
Health data
Tue, 17/01/2017
Link

Press Release The EU as a beacon of respect for data protection and privacy

28/01/2015
28
Jan
2015

Europe needs to be at the forefront in shaping a global, digital standard for privacy and data protection which centres on the rights of the individual, said the new European Data Protection Supervisor (EDPS) today. Speaking on the occasion of Data Protection Day, Mr. Giovanni Buttarelli encouraged the European Union (EU) to lead by example as a beacon of respect for digital rights.

Register 2016-1113

Register Number Case Number Institution Description Opinion date Opinion
1416
2016-1113
Outside access to ECAS
Mon, 19/12/2016
Link

Publication Turbine (TrUsted Revocable Biometric IdeNtitiEs)

Tuesday, 1 February, 2011
1
Feb
2011

Opinion on a research project funded by the European Union under the Seventh Framework Programme (FP7) for Research and Technology Development - Turbine (TrUsted Revocable Biometric IdeNtitiEs)

Publication Application of the law on customs and agricultural matters

Tuesday, 11 March, 2014
11
Mar
2014

Opinion on the Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EC) No 515/97 of 13 March 1997 on mutual assistance between the administrative authorities of the Member States and cooperation between the latter and the Commission to ensure the correct application of the law on customs and agricultural matters    

Publication EDPS Comments on review of OLAF Regulation

Tuesday, 24 July, 2018
24
Jul
2018

Formal comments of the EDPS on the Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EU, Euratom) No 883/2013 concerning investigations conducted by the European Anti-Fraud Office (OLAF) as regards cooperation with the European public Prosecutor’s Office and the effectiveness of OLAF investigations.

Publication Alternative and Online Dispute Resolution for consumer disputes

Thursday, 12 January, 2012
12
Jan
2012

Opinion on the legislative Proposals on Alternative and Online Dispute Resolution for consumer disputes, OJ C 136/01, 11.05.2012, p1

Publication European Police Office

Friday, 16 February, 2007
16
Feb
2007

Opinion on the proposal for a Council Decision establishing the European Police Office (Europol)(COM(2006) 817 final), OJ C 255, 27.10.2007, p. 13

The objective of the proposal is not a major change in the mandate or the activities of Europol, but mainly to provide Europol with a new and more flexible legal basis. The proposal also contains substantive changes, so as to further improve Europol's functioning. It extends the mandate of Europol and it contains several new provisions, aiming to further facilitate the work of Europol, for instance on the exchange of data between Europol and other bodies of the EC/EU, like Olaf.. The proposal contains specific rules on data protection and data security, additional to the general legal framework on data protection for the third pillar that has not yet been adopted. Other changes will bring the position of Europol more in line with other bodies of the EU.
The EDPS-opinion suggests a number of improvements and concludes moreover that the Council Decision should not be adopted before the adoption by Council of a framework on data protection, guaranteeing an appropriate level of data protection.
COM(2006) 817 final of 20.12.2006 PDF icon

Publication The Digital Agenda for Europe

Wednesday, 10 April, 2013
10
Apr
2013

Opinion on the Communication from the Commission on 'The Digital Agenda for Europe - Driving European growth digitally'

Publication Union Registry for the trading period commencing on 1 January 2013

Friday, 11 May, 2012
11
May
2012

Opinion on the Commission Regulation establishing a Union Registry for the trading period commencing on 1 January 2013, and subsequent trading periods, of the Union emissions trading scheme

Publication Credit rating agencies

Friday, 10 February, 2012
10
Feb
2012

Opinion on the Commission proposal for a Regulation of the European Parliament and of the Council amending Regulation (EC) No 1060/2009 on credit rating agencies, OJ C 139/02 15.05.2012, p6

See also the text of the proposal for a Regulation of the European Parliament and of the Council amending Regulation (EC) No 1060/2009 on credit rating agencies

See also the text of the proposal for a Regulation of the European Parliament and of the Council on markets in financial instruments and amending Regulation [EMIR] on OTC derivatives, central counterparties and trade repositories

 

Publication Prevention of money laundering and terrorist financing

Thursday, 4 July, 2013
4
Jul
2013

Opinion on a proposal for a Directive of the European Parliament and of the Council on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing, and a proposal for a Regulation of the European Parliament and of the Council on information on the payer accompanying transfers of funds

Publication Security features and biometrics in passports

Wednesday, 26 March, 2008
26
Mar
2008

Opinion on the proposal for a Regulation amending Council Regulation (EC) No 2252/2004 on standards for security features and biometrics in passports and travel documents issued by Member States, OJ C 200, 06.08.2008, p. 1

On 26 March 2008, the EDPS adopted an opinion on the Commission's proposal aiming at revising the 2004 Council Regulation that sets out minimum standards for security features and biometrics in passports and travel documents.

The EDPS welcomes the introduction of exemptions from giving fingerprints based on the age of the person or his/her inability to provide fingerprints. However, he still considers these exemptions as insufficient to remedy the imperfections of biometrics, such as the impact of misidentification or failure to enrol.
The EDPS' opinion includes the following recommendations:

  • fingerprints from children: the proposed six-year age limit should be considered as a provisional one, or brought in line with international practice (14 years). After three years, the age limit should be reviewed and defined by an in-depth study which is to identify the accuracy of the systems obtained under real conditions;
  • fingerprints from the elderly: an age limit for elderly, based on similar experiences already in place (79 years), should be introduced as an additional exemption;
  • principle of "one person-one passport": this principle should be applied only to children above the relevant age limit;
  • "breeder" documents: additional measures should be proposed to harmonise the production and the use of documents required in Member States to issue passports (“breeder” documents).

The EDPS recalls that exemptions should in no way stigmatize or discriminate individuals who will be exempt, because of their age as a precautionary principle or because they present obviously unreadable fingerprints

COM(2007) 619 final of 18.10.2007PDF icon

Publication Intelligent Transport Systems

Wednesday, 22 July, 2009
22
Jul
2009

Opinion on the Communication from the Commission on an Action Plan for the Deployment of Intelligent Transport Systems in Europe and the accompanying Proposal for a Directive of the European Parliament and of the Council laying down the framework for the deployment of Intelligent Transport Systems in the field of road transport and for interfaces with other transport modes, OJ C 47, 25.02.2010, p. 6

The EDPS has adopted an opinion on the European Commission's proposed deployment plan for intelligent transport systems (ITS) in Europe that was adopted in December 2008 to accelerate and coordinate their deployment in road transport and their connection with other modes of transport. The deployment of ITS  has considerable privacy implications, for instance because these systems make it possible to track a vehicle and to collect a wide variety of data relating to European road users' driving habits.

The EDPS notes that data protection has been taken into consideration in the proposed legal framework and that it is also put forward as a general condition for the proper deployment of ITS. He however underlines that the Commission's proposal is too broad and too general to adequately address the privacy and data protection concerns raised by ITS deployment in the Member States. In particular, it is not clear when the performance of ITS services will lead to the collection and processing of personal data, what are the purposes and modalities for which data processing may take place, or who will be responsible for compliance with data protection obligations.

The EDPS opinion includes the following main recommendations:

  • clarification of responsibilities: it is crucial to clarify the roles of the different actors involved in ITS in order to identify who will bear the responsibility of ensuring that systems work properly from a data protection perspective (who is the data controller?);
  • safeguards for the use of location technologies: appropriate safeguards should be implemented by data controllers providing ITS services so that the use of location technologies is not intrusive from a privacy viewpoint. This should notably require further clarification as to the specific circumstances in which a vehicle will be tracked, strictly limiting the use of location devices to what is necessary for that purpose, and ensuring  that location data are not disclosed to unauthorized recipients;
  • "privacy by design" approach: the EDPS recommends to consider privacy and data protection from an early stage of the design of ITS to define the architecture, operation and management of the systems. Privacy and security requirements should be incorporated within standards, best practices, technical specifications and systems.

Background information
ITS apply information and communication technologies (satellite, computer, telephone, etc.) to transport infrastructure and vehicles with the intention to make transport safer and cleaner and to reduce traffic congestion. ITS applications and services are based on the collection, processing and exchange of a wide variety of data, both from public and private sources, including information on traffic and accidents but also personal data, such as the driving habits and journey patterns of citizens. Their deployment will also rely to a large extent on the use of geolocalisation technologies, such as satellite-positioning and RFID tags. As such, ITS constitute a "data-intensive area" and raise a number of privacy and data protection issues that should be carefully addressed in order to ensure the workability of ITS across Europe.